last executing test programs:

33.457941033s ago: executing program 4 (id=482):
syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x100)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="57bebdc10e4ff6ddb3a4d05c027db2e2", 0x10)
syz_usb_connect(0x6, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100020aedc3ff0c093211d3140102030109021200010e7fd0a60904600f00b7ab4621"], 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newchain={0xd8, 0x64, 0x2, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0x9, 0xf}, {0x7, 0xc}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x9b}]}}, @TCA_CHAIN={0x8, 0xb, 0xd0a}, @filter_kind_options=@f_u32={{0x8}, {0x74, 0x2, [@TCA_U32_POLICE={0x68, 0x6, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x229c}, @TCA_POLICE_RESULT={0x8, 0x5, 0x9}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffff}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffff7}, @TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x6, 0x0, 0x7, 0x6, {0x7, 0x0, 0x800, 0x1000, 0xae, 0x6}, {0xc, 0x2, 0x1, 0x2, 0x3, 0x5}, 0xe000, 0x0, 0x3}}]}, @TCA_U32_FLAGS={0x8, 0xb, 0x8}]}}, @filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_BASECLASS={0x8, 0x3, {0xe, 0x1}}]}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/vlan/vlan0\x00')
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r5, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40})
ioctl$LOOP_GET_STATUS64(r4, 0x4c05, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x47)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700), 0x1c1140, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r6, 0xc0040d07, &(0x7f0000000040)=0x121)
r7 = open(&(0x7f0000000100)='./file0\x00', 0x8100, 0x0)
getdents(r7, &(0x7f0000001280)=""/4075, 0xffb)

30.197097288s ago: executing program 4 (id=490):
faccessat2(0xffffffffffffff9c, 0x0, 0x3, 0x300)
r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r1, 0x6, 0x4, &(0x7f0000000200)=0x2, 0x4)
sendto$inet6(r1, &(0x7f0000000240)="04", 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)
syz_usb_connect(0x0, 0x24, &(0x7f0000001140)={{0x12, 0x1, 0x0, 0xbd, 0xf7, 0x13, 0x8, 0x2770, 0x930c, 0x8d6a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2a, 0xc5, 0x98}}]}}]}}, 0x0)
shutdown(r1, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000015c0)={0x24, r3, 0x1, 0x70bd2a, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x24}}, 0x4000080)

27.10301746s ago: executing program 4 (id=502):
syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x100)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="57bebdc10e4ff6ddb3a4d05c027db2e2", 0x10)
syz_usb_connect(0x6, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100020aedc3ff0c093211d3140102030109021200010e7fd0a60904600f00b7ab4621"], 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newchain={0xd8, 0x64, 0x2, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0x9, 0xf}, {0x7, 0xc}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x9b}]}}, @TCA_CHAIN={0x8, 0xb, 0xd0a}, @filter_kind_options=@f_u32={{0x8}, {0x74, 0x2, [@TCA_U32_POLICE={0x68, 0x6, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x229c}, @TCA_POLICE_RESULT={0x8, 0x5, 0x9}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffff}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffff7}, @TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x6, 0x0, 0x7, 0x6, {0x7, 0x0, 0x800, 0x1000, 0xae, 0x6}, {0xc, 0x2, 0x1, 0x2, 0x3, 0x5}, 0xe000, 0x0, 0x3}}]}, @TCA_U32_FLAGS={0x8, 0xb, 0x8}]}}, @filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_BASECLASS={0x8, 0x3, {0xe, 0x1}}]}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/vlan/vlan0\x00')
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r5, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40})
ioctl$LOOP_GET_STATUS64(r4, 0x4c05, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x47)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700), 0x1c1140, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r6, 0xc0040d07, &(0x7f0000000040)=0x121)
r7 = open(&(0x7f0000000100)='./file0\x00', 0x8100, 0x0)
getdents(r7, &(0x7f0000001280)=""/4075, 0xffb)

21.65699799s ago: executing program 4 (id=518):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_emit_ethernet(0x52, &(0x7f0000000400)={@local, @random="b331687b8145", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "62d308", 0x1c, 0x6, 0xff, @private1, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@generic={0x4, 0x8, "096180cd5ee5"}]}}}}}}}}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b0400000000000000000a0000002400048020000180070001006374000014000280"], 0x78}}, 0x0)
syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x8, r2)
syz_pidfd_open(r2, 0x0)
r3 = syz_io_uring_setup(0xd2, &(0x7f0000000440)={0x0, 0x4000, 0x800, 0x3}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x4004051}, 0x10)
pipe2$9p(&(0x7f00000000c0), 0x84800)
write$tun(r1, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x4, 0x14}, @ipv4=@udp={{0x6, 0x4, 0x3, 0x1b, 0xb4, 0x66, 0x0, 0x40, 0x11, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x1a}, {[@timestamp={0x44, 0x4, 0x1c, 0x0, 0x6}]}}, {0x4e20, 0x4e22, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "084daf92a6e286bb40b9fa1ae860c2a351c9b7f028b26bcbcbc8a3ca8f3cdb35", "defa40a3174d125dbd5562c1ca7a331015413257dc5bb85356ba3c89f59a51ba09f80232efc11fae00", "63d49a11aca0452e6ac5d83519db21e5ca2d4e716ecc16669e4fe921", {"e192cb61fd19036a3135ae905ed0be61", "858260c01c9b667354d45433660e8b47"}}}}}, 0xc2)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)

18.043232724s ago: executing program 4 (id=523):
select(0x40, &(0x7f00000000c0)={0x9, 0xca5, 0xfffffffffffffffb, 0x8e, 0x8000, 0x200, 0x7, 0x4}, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$rtc(0x0, 0x0, 0x20080)
r0 = io_uring_setup(0x1612, &(0x7f0000000200)={0x0, 0x0, 0x800})
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, 0x0, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="180100001f00010000000000000000000501028015007e006572726f72733d72656d6f756e742d726f00000014000100ff02000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b504681000000000000009ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc504001100000000fe0ec7b95b375450dfb3240ce981f44d204b761517f3fd"], 0x118}], 0x1}, 0x0)
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
getpeername$packet(r2, 0x0, &(0x7f0000000340))
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$usbmon(0x0, 0xf4, 0x8800)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)=0x10)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000001f00)=""/4093, 0xffd)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100), 0x2000)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000700)=ANY=[@ANYBLOB="b601000000000000bd110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc02846ac5791278f18c6759e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6ddeb67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b41f528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac038e9e17136e7c698f73faaabb3d00000000000080014573789425c4c32da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767cd755783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac80574fa3ea312997ab81bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab6bef11ae3d300"], &(0x7f0000000080)='GPL\x00', 0x9, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

15.533673453s ago: executing program 4 (id=529):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KB\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x3)
r0 = syz_usb_connect(0x2, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="31010000dccd5e08cb06030000e8169523010902240001000064000904340102d469e70009058acf"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=@v1={0x1000000, [{0x3ff, 0x4}]}, 0xc, 0x2)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

13.88168793s ago: executing program 2 (id=535):
socket$rxrpc(0x21, 0x2, 0xa)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x1}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f0000001bc0)=[{{&(0x7f0000000440), 0x80, &(0x7f0000001600)=[{&(0x7f0000000240)=""/5, 0x5}, {&(0x7f00000002c0)=""/51, 0x33}, {&(0x7f00000004c0)=""/4089, 0xff9}, {&(0x7f00000014c0)=""/178, 0xb2}, {&(0x7f000001b000)=""/4096, 0x1000}, {&(0x7f0000001580)=""/107, 0x6b}], 0x6, &(0x7f0000001680)=""/140, 0x8c}, 0x101}, {{&(0x7f0000001740)=@nfc, 0x80, &(0x7f0000001a80)=[{&(0x7f00000017c0)=""/153, 0x99}, {&(0x7f0000001880)=""/69, 0x45}, {&(0x7f0000001900)=""/115, 0x73}, {&(0x7f00000003c0)=""/45, 0x2d}, {&(0x7f0000001980)=""/240, 0xf0}], 0x5, &(0x7f0000001c40)=""/134, 0x86}, 0x114}], 0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r2 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
r3 = getpgid(r2)
setpgid(0x0, r3)
r4 = openat(0xffffffffffffff9c, 0x0, 0xc4e02, 0x2)
openat(r4, 0x0, 0x80000, 0x150)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0x9362, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
sendmmsg$inet6(r4, 0x0, 0x0, 0x4044)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
read$FUSE(r6, &(0x7f00000029c0)={0x2020}, 0x2020)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)

12.250984917s ago: executing program 2 (id=542):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
exit(0x5)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
syz_open_dev$vbi(0x0, 0x2, 0x2)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454d9, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x24, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000002c0)={r2, &(0x7f00000006c0), &(0x7f0000000000), 0x2}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
prlimit64(0x0, 0x3, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000000a00)=""/102384, 0x18ff0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xff45)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/25], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="00002ded000000000000", @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)

11.497028655s ago: executing program 3 (id=543):
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
sendto$inet(r4, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110e22fff6)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

10.294563415s ago: executing program 2 (id=545):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r1=>0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20050800)
close(0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sched_switch\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e1d}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000080), 0x88141, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, &(0x7f0000000300)={0x8, &(0x7f00000000c0)=[{0x3, 0x0, 0x80, 0x8}, {0x4, 0x9, 0x0, 0x5}, {0x4257, 0x7, 0x3, 0x3}, {0x3db, 0x9, 0x3, 0x622}, {0x7, 0x4, 0x39, 0x5}, {0x1, 0x7, 0x0, 0x342}, {0x9, 0xab, 0x0, 0x6}, {0xce, 0x8, 0x4, 0xff}]}, 0x10)
bind$can_j1939(r7, &(0x7f0000000080)={0x1d, r1}, 0x18)
sendmsg$can_j1939(r7, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={0x0}}, 0xee)
sendmsg$nl_route_sched(r0, 0x0, 0x0)

9.647595667s ago: executing program 3 (id=546):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="300000002e000305000000000000000020000080080000000000000008000000", @ANYRES32, @ANYBLOB="0c000f000000120000c453"], 0x30}], 0x1}, 0x0) (async)
r3 = socket$inet(0x2, 0x1, 0x0) (async)
gettid()
setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) (async)
shutdown(r3, 0x0) (async)
recvmmsg(r3, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) (async)
r4 = socket(0x840000000002, 0x3, 0xff) (async)
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$SIOCGETVIFCNT(r5, 0x89e0, &(0x7f0000000000)={0xffffffffffffffff}) (async)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_0\x00', 0x10)
connect$inet(r4, &(0x7f0000000540)={0x2, 0x2, @multicast2}, 0x10) (async)
sendmmsg$inet(r4, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)

9.476141119s ago: executing program 0 (id=548):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000001080)='smaps_rollup\x00')
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
socket(0x2, 0x80805, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r4], 0x90}}, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000a00)=""/197, 0xc5}], 0x1, 0x0, 0xffffffff)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
madvise(&(0x7f00005b3000/0x3000)=nil, 0x3000, 0x4)
getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r7, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = openat$mice(0xffffffffffffff9c, &(0x7f0000000240), 0x200000)
setsockopt$inet6_tcp_TCP_MD5SIG(r8, 0x6, 0xe, &(0x7f0000000340)={@in={{0x2, 0x4e21, @private=0xa010102}}, 0x0, 0x0, 0xd, 0x0, "941784a3c81333115f016ec58ff58d748d88630d4d0002830ebd09043bdb51b761bf4182165d5672affef486f119a1e3f9b01aae1586174a2d003bc0a8c0a5bbabbeea14361d0d1fb2fc70a7a81fbfc2"}, 0xd8)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="20000000140001000000000000000000060000ff", @ANYRES32=r7, @ANYBLOB="08000200ac1414aa"], 0x20}}, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)

9.344345545s ago: executing program 2 (id=549):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000f40)=ANY=[@ANYBLOB="12010000dc3f6e4013080100083a000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000540)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB="c0403000007d"], 0x0, 0x0, 0x0, 0x0})
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
prlimit64(r1, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x0, 0xfffffffa}]}, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000001a40)={0x1f, 0xffff, 0x4}, 0x2)
r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
lseek(r4, 0xa, 0x1)
r5 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
getsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000180)={@multicast1, @dev, <r6=>0x0}, &(0x7f0000000240)=0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="020000000400000008d7000001000000c7000000f2350c1cac0fc82855b6758b4ac4d3eebcc255e934e2bb82b2619f49885be2f459b797424e533d1c9fe9288b1043f8d321b7abc83b822becd05c232c601978c4364cc8db9e6fcf881d616610e7ad7cebcfffa955ce8cbeffc339e835cc3d2183e783ae103c55f08f55c785d3ef442df9a5c85346d3a60000", @ANYRES32, @ANYBLOB="ffff00"/20, @ANYRES32=r6, @ANYRES32, @ANYBLOB="02000000040000000500"/28], 0x50)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e2b, 0xb, @private1={0xfc, 0x1, '\x00', 0x6}, 0x6}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)
write(r3, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170003800500000099db973b91aa057972", 0x2d)
r7 = syz_open_dev$I2C(&(0x7f0000000040), 0x82, 0x42081)
ioctl$I2C_TIMEOUT(r7, 0x702, 0xfffffffffffffffc)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000280)={0x44, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

8.950259839s ago: executing program 1 (id=550):
socket$key(0xf, 0x3, 0x2)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
ftruncate(0xffffffffffffffff, 0xffffffffffff3467)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
dup(r2)
r3 = syz_io_uring_setup(0x6d8a, &(0x7f0000000140)={0x0, 0x27b2, 0x10100}, 0x0, &(0x7f00000001c0))
io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x6, 0x0)
shutdown(r4, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0xf9ba, 0x80500)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
syz_open_dev$loop(0x0, 0x7, 0x2480)
socket$nl_generic(0x10, 0x3, 0x10)

8.571863677s ago: executing program 3 (id=551):
socket(0x10, 0x3, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0}, 0x60}, {{0x0, 0x0, 0x0}, 0x6}], 0x2, 0xc2, 0x0)
syz_io_uring_setup(0x417a, &(0x7f0000000780)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000000), &(0x7f0000000040))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000ef6e7b40000000100000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000a8b056f6381b731843d5119d000000000000b7080000feffffff7b8af8ff00000000e0a2000000000000b70400000000000085000000030000008e00"/74], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffc000/0x4000)=nil)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r3)
timer_create(0xfffffffd, 0x0, &(0x7f00000011c0))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x77359400}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001fa1ff0000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000d80)=@nat={'nat\x00', 0x670, 0x5, 0x400, 0x190, 0x238, 0xfeffffff, 0x0, 0x0, 0x368, 0x368, 0xffffffff, 0x368, 0x368, 0x5, 0x0, {[{{@ip={@broadcast, @local, 0x0, 0x0, '\x00', 'geneve0\x00'}, 0x0, 0xc0, 0xf8, 0x0, {}, [@common=@unspec=@cpu={{0x28}, {0x6, 0x4}}, @common=@ttl={{0x28}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x6000, {0x0, @broadcast, @loopback, @icmp_id, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x238}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @local, @gre_key, @gre_key}}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x32}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff000000, 0x0, 'team_slave_1\x00', 'bond_slave_0\x00'}, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@unspec=@realm={{0x30}, {0xb, 0xea, 0x1}}, @common=@ah={{0x30}, {[0x5d58, 0x40e52834], 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x460)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58)
accept4(r7, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)

7.93763681s ago: executing program 0 (id=552):
socket$rxrpc(0x21, 0x2, 0xa)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x1}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f0000001bc0)=[{{&(0x7f0000000440), 0x80, &(0x7f0000001600)=[{&(0x7f0000000240)=""/5, 0x5}, {&(0x7f00000002c0)=""/51, 0x33}, {&(0x7f00000004c0)=""/4089, 0xff9}, {&(0x7f00000014c0)=""/178, 0xb2}, {&(0x7f000001b000)=""/4096, 0x1000}, {&(0x7f0000001580)=""/107, 0x6b}], 0x6, &(0x7f0000001680)=""/140, 0x8c}, 0x101}, {{&(0x7f0000001740)=@nfc, 0x80, &(0x7f0000001a80)=[{&(0x7f00000017c0)=""/153, 0x99}, {&(0x7f0000001880)=""/69, 0x45}, {&(0x7f0000001900)=""/115, 0x73}, {&(0x7f00000003c0)=""/45, 0x2d}, {&(0x7f0000001980)=""/240, 0xf0}], 0x5, &(0x7f0000001c40)=""/134, 0x86}, 0x114}], 0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r2 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
r3 = getpgid(r2)
setpgid(0x0, r3)
r4 = openat(0xffffffffffffff9c, 0x0, 0xc4e02, 0x2)
openat(r4, 0x0, 0x80000, 0x150)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0x9362, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
sendmmsg$inet6(r4, 0x0, 0x0, 0x4044)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
read$FUSE(r6, &(0x7f00000029c0)={0x2020}, 0x2020)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)

7.764865941s ago: executing program 1 (id=553):
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={0x0, 0x0, <r0=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000700)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2e, 0x93}, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(r3, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r3, 0x1)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000030801011a000000000000230a00000706000240fbfb0000"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x400c2)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010040000000000002034400000008000300", @ANYRES32=r10, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140002"], 0x4c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095", @ANYRESOCT=r1, @ANYRESDEC=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

6.730014239s ago: executing program 1 (id=554):
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'ip6gre0\x00', &(0x7f00000000c0)={'ip6_vti0\x00', <r0=>0x0, 0x29, 0x3, 0x20, 0x8, 0x2, @empty, @mcast1, 0x8000, 0x8, 0x4, 0xd}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000', @ANYRESDEC=0x0])
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006d61637365630000140002800500090001"], 0x44}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', r0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000d0918108ac051582588f0000000109022d00010000000009040000030b08000009058d67c8"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="40000000190001090000000000000000021800000000fd010000000008000100ac141400080005000a0101020c00168008000300e00000020600150006000010"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

6.320613376s ago: executing program 0 (id=555):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KB\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x3)
r0 = syz_usb_connect(0x2, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="31010000dccd5e08cb06030000e8169523010902240001000064000904340102d469e70009058acf"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=@v1={0x1000000, [{0x3ff, 0x4}]}, 0xc, 0x2)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

6.123807351s ago: executing program 3 (id=556):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f0000001140)={0x0, 0x4, 0x2, {0x2, 0x11}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, &(0x7f0000000400)=0x1, 0x4)
r2 = syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000ac0)={0x24, &(0x7f0000000800)={0x40, 0xf, 0x5a, {0x5a, 0x23, "632c89309d9aef355ba11272ed637c3fdea6e5e971f6ee2de8aab79dea52ee707bb13e7e8f91a099658925644ba24b586bc40dedf28ac3a208b53d6213cd1bca69fb5531124a928c6852f6c1ee2fc541d20dac50714b3c01"}}, 0x0, &(0x7f0000000940), 0x0}, &(0x7f0000000d40)={0x2c, &(0x7f0000000b00)={0x20, 0x13, 0x4b, "4ccd0a540409e97ab91482a46e071c2381e7afe3f8edf09baac7b8e337e0a5a0d6572412e9dfef9a5b15bdcd95f908c03298944b655760c9a08fa3406107ed3423bbc1d12c7e7641e24759"}, &(0x7f0000000b80)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000bc0)={0x0, 0x8, 0x1, 0xd0}, &(0x7f0000000c00)={0x20, 0x1, 0xf8, "d8876670270318e4383d98c2d08077387f53340b3613b83ef77bd257742a92d5d84c29ea90a745441d9758d628fcfd06d7bc485b767341d973b892d3988362058691165c875324d32418073e03be2de21e3ec83c764670bb6ee63363babe89f77061e8f6c5c1dd5aa44406a06ea3cb2067b47e88eec302df1612dfb8593cb220cc028d697779eeee96b88128453eb8309f345387b1ad3c6516b8488f170b74265265dd2388a4"}, &(0x7f0000000d00)={0x20, 0x3, 0x1, 0x1}})
syz_usb_ep_write(r0, 0x85, 0x100, &(0x7f0000000440)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd5531d459dffff03000000000091ff000000e8f5b3371da3635b8b4fa637135800001f65e4b436aa9e50bc0f19b7d3372ff9ebcede1fb5e9428f54d5d1f0cc752cf246a5d2da34a5aa97dc14a469c3dd3e26b41c356484e46fd66e3f2c7807e8773eed7b94fa099ab84feadec2ea95f65bba452eae5b0900f98a979a88c517a2dc360a00237723e2f467af706ea17226296b3a10a351cb47aba2c6b836c90679b4dd859ddc9e4800448aab0000000000000d75f34bb50d8d70843ae60f5961a381")
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x2441, 0x0)
mkdirat(r3, &(0x7f0000002040)='./file0\x00', 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='spmi_write_end\x00', r3, 0x0, 0x6}, 0x18)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
timer_create(0x9, 0x0, &(0x7f0000bbdffc)=<r4=>0x0)
timer_delete(r4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000000300)=""/102376, 0x18fe8)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x21, 0x3, 0x580, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x4b0, 0xffffffff, 0xffffffff, 0x4b0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @private2, [], [], 'veth0\x00', 'syzkaller1\x00'}, 0x0, 0x220, 0x248, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'sit0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x5}}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv0\x00', 'veth1\x00'}, 0x0, 0x200, 0x268, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv6=@private1, [], @ipv4=@remote}, {@ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {@ipv4=@multicast2, [], @ipv6=@loopback}, {@ipv6=@rand_addr=' \x01\x00', [], @ipv4=@local}]}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
io_uring_setup(0x71f7, &(0x7f00000002c0)={0x0, 0x0, 0x91, 0x0, 0x10fff})
setresuid(0xffffffffffffffff, 0xffffffffffffffff, 0xee01)
setresuid(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

4.785522997s ago: executing program 2 (id=557):
r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r0, 0x0, 0x0}, 0x10)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000700)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2e, 0x93}, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800100000004211041056edc3ea24a523b1cf66aa73a6ebf12fac2c17aae959ecafc40e3b7344041fcbc844352d6b2b3712aea32bf82e2c5b0d40d1bf8ceb49bc8e73e6154697a8fda05ea253a7dc7ca42469ee674e44332e6b48cf9a54d9b547ac1052836889eff11876b481a69655944cdbabb7f8d1525a00d57d8ae1c7fbdd6dfe3b8182e65b4cd0fea311da9a4bb29b", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa204000000000007020000f8ffffffb703000008fe1201b7044c4200170d4012d3327f60cb56e195f20000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_io_uring_setup(0x543c, &(0x7f0000000440)={0x0, 0x0, 0x400, 0xa, 0xffffff}, &(0x7f0000000380), &(0x7f0000000400))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(r4, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r4, 0x1)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000030801011a000000000000230a00000706000240fbfb0000"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x400c2)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_MESH(r10, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010040000000000002034400000008000300", @ANYRES32, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140002"], 0x4c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095", @ANYRESOCT=r2, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.84073105s ago: executing program 2 (id=558):
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = inotify_init1(0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000000040))
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000700), r2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001bc0)={0x24, r3, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x56}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040}, 0x40000)
r8 = socket(0x2b, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000304000000000000000000007400", @ANYRES32=r9, @ANYBLOB="0000000000000000240012800b000100627269646765000014000280060027000000000005002d"], 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x0)

3.491527937s ago: executing program 1 (id=559):
socket(0x1e, 0x3, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffefb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x1, 0xa}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xbcf3}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10080}, 0x0)

2.613574275s ago: executing program 0 (id=560):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1bb344, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000100)="89e7ee0000000000000004c988", 0xd}, {&(0x7f0000000000)="08c1", 0x2}], 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000050900010073797a31000000003c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000040004800b00070066696c746572"], 0xc4}}, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r6, 0x0, 0x0, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
ioctl$MON_IOCG_STATS(r7, 0x80089203, &(0x7f00000000c0))
fstat(r6, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
setresuid(r8, 0xee01, 0x0)
write$cgroup_int(r7, &(0x7f0000000080)=0x1, 0x12)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000001c0))
fcntl$setstatus(r7, 0x4, 0x44800)
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000140)=0x5, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

2.444925233s ago: executing program 1 (id=561):
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000100)="cebb5a9495d8c907c6fdcbed2823d0eb65fddceaa2dd373cfcdb6c8e074484e19b70664a965309a18b8814ce8942c3d42ea461ad78c5e07b52980a935b3d1433202296fa8d4538710ec73c634b34be6932f13be02c98d09c25825c978d5014e1c78d037bcb5cdf3c5b60137d75d3df6b86d8734dea902978a595b5638f331d23ffd20c23c250dfc1e2db4d4fd0381a7c035b89a3f7108201a82085ef9117c8d31f038723d25ea442b34701", &(0x7f00000001c0)="714db4e4861155b858a72a7480cbfb438368f4e7ed8360342367bdc42746eaec4780a1fe692dd2bc5887c4348a71dc8bebb62df4ebc21b6cc0f93fc6e9a2ec6d9aa631968a92d99bb89d256a7910e89cc1172f9a66dc43ee436727947dfc1e787472b71bdb38b0edab90984cb2772e4cee7b627b1056fd58340fdbfa0f40eee380c88a46ea2e54bcf7f1a43854826d1bc25f37bf7456511a617a766f23e1f4d1ff009e5347e697794a43d7116b59d5af4f8add0dfd5b85b9ae8d"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x8800, 0x0)
read(r0, &(0x7f0000000040)=""/148, 0xffffff96)
syz_genetlink_get_family_id$devlink(&(0x7f0000000280), r0)

1.686265942s ago: executing program 0 (id=562):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0)
write$P9_RSTATu(r0, &(0x7f0000000080)={0x265, 0x2, 0xafd, {{0x54f, 0x124, 0x28, 0x1f00, {}, 0x0, 0x0, 0xc, 0x401, 0xffffffffffffff7d, '\nnodev{evo\x03\xd3\x8b\x92\x00'/27, 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x99\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0xac, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4@\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x009\x86Ac\x1dD\xf4\xa3\x9b\x11\x91\x93z(\x0e\x8d\x88\x9f\xc2 \xd1\x15\xac\x8e/\x18K\x9aau\x8d&w*\xb0\xf2\x04M\x8e\xf0&=\xdd\x97\xd3\xc4\'\xb3\xa52\xef\xab\x1d\x1c\xe3,\xa7\xc1\xfc#\x1a\xf4\x84\b\xe0+%P(\xb7\xc9\xbb\x859oM\x8a\xf0\xeb\x95\xfc\x0e\xcc\x99\xf7\x80\xe2'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0xfd85)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='oom_score\x00')
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000480)=""/165, 0xa5}], 0x1, 0x0, 0x40000)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff}, 0x2}}, 0x20)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x19)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000000)={0x13, 0x10, 0x7, {0x0, r3, 0x1}}, 0x18)

1.365668343s ago: executing program 0 (id=563):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007e618a08580403701a7a010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f00000001c0)=ANY=[@ANYBLOB="e9f99d2337b5004c12"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f00000001c0)=ANY=[@ANYBLOB="e9f99d2337b5004c12"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.092218512s ago: executing program 3 (id=564):
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={0x0, 0x0, <r0=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000700)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2e, 0x93}, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(r3, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r3, 0x1)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000030801011a000000000000230a00000706000240fbfb0000"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x400c2)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010040000000000002034400000008000300", @ANYRES32=r10, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140002"], 0x4c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095", @ANYRESOCT=r1, @ANYRESDEC=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.026041935s ago: executing program 1 (id=565):
socket$rxrpc(0x21, 0x2, 0xa)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x1}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f0000001bc0)=[{{&(0x7f0000000440), 0x80, &(0x7f0000001600)=[{&(0x7f0000000240)=""/5, 0x5}, {&(0x7f00000002c0)=""/51, 0x33}, {&(0x7f00000004c0)=""/4089, 0xff9}, {&(0x7f00000014c0)=""/178, 0xb2}, {&(0x7f000001b000)=""/4096, 0x1000}, {&(0x7f0000001580)=""/107, 0x6b}], 0x6, &(0x7f0000001680)=""/140, 0x8c}, 0x101}, {{&(0x7f0000001740)=@nfc, 0x80, &(0x7f0000001a80)=[{&(0x7f00000017c0)=""/153, 0x99}, {&(0x7f0000001880)=""/69, 0x45}, {&(0x7f0000001900)=""/115, 0x73}, {&(0x7f00000003c0)=""/45, 0x2d}, {&(0x7f0000001980)=""/240, 0xf0}], 0x5, &(0x7f0000001c40)=""/134, 0x86}, 0x114}], 0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r2 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
r3 = getpgid(r2)
setpgid(0x0, r3)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xc4e02, 0x2)
openat(r4, 0x0, 0x80000, 0x150)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0x9362, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
sendmmsg$inet6(r4, 0x0, 0x0, 0x4044)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
read$FUSE(r6, &(0x7f00000029c0)={0x2020}, 0x2020)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)

318.140163ms ago: executing program 32 (id=529):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KB\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x3)
r0 = syz_usb_connect(0x2, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="31010000dccd5e08cb06030000e8169523010902240001000064000904340102d469e70009058acf"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=@v1={0x1000000, [{0x3ff, 0x4}]}, 0xc, 0x2)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

0s ago: executing program 3 (id=567):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
unshare(0x8000600)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4, 0x2}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @none, 0x7ff}, 0xe)
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
openat$nullb(0xffffffffffffff9c, 0x0, 0x18b882, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_ERRQUEUE(r3, 0x6b, 0x4, &(0x7f0000000400), &(0x7f0000000000)=0x4)

kernel console output (not intermixed with test programs):

15.0-rc1-syzkaller #0 PREEMPT(full) 
[  109.943602][ T6500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  109.943611][ T6500] Call Trace:
[  109.943617][ T6500]  <TASK>
[  109.943623][ T6500]  dump_stack_lvl+0x16c/0x1f0
[  109.943649][ T6500]  should_fail_ex+0x512/0x640
[  109.943666][ T6500]  ? fs_reclaim_acquire+0xae/0x150
[  109.943690][ T6500]  ? tomoyo_encode2+0x100/0x3e0
[  109.943711][ T6500]  should_failslab+0xc2/0x120
[  109.943730][ T6500]  __kmalloc_noprof+0xd2/0x510
[  109.943747][ T6500]  ? d_absolute_path+0x136/0x1a0
[  109.943772][ T6500]  tomoyo_encode2+0x100/0x3e0
[  109.943799][ T6500]  tomoyo_encode+0x29/0x50
[  109.943821][ T6500]  tomoyo_realpath_from_path+0x18f/0x6e0
[  109.943852][ T6500]  tomoyo_path_number_perm+0x245/0x580
[  109.943871][ T6500]  ? tomoyo_path_number_perm+0x237/0x580
[  109.943894][ T6500]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  109.943916][ T6500]  ? find_held_lock+0x2b/0x80
[  109.943959][ T6500]  ? find_held_lock+0x2b/0x80
[  109.943979][ T6500]  ? hook_file_ioctl_common+0x145/0x410
[  109.944007][ T6500]  ? __fget_files+0x20e/0x3c0
[  109.944028][ T6500]  security_file_ioctl+0x9b/0x240
[  109.944053][ T6500]  __x64_sys_ioctl+0xb7/0x200
[  109.944079][ T6500]  do_syscall_64+0xcd/0x260
[  109.944103][ T6500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.944120][ T6500] RIP: 0033:0x7f4c7d38d169
[  109.944133][ T6500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.944149][ T6500] RSP: 002b:00007f4c7e2a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  109.944165][ T6500] RAX: ffffffffffffffda RBX: 00007f4c7d5a5fa0 RCX: 00007f4c7d38d169
[  109.944176][ T6500] RDX: 0000200000000000 RSI: 00000000c008561c RDI: 0000000000000004
[  109.944186][ T6500] RBP: 00007f4c7e2a6090 R08: 0000000000000000 R09: 0000000000000000
[  109.944195][ T6500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.944205][ T6500] R13: 0000000000000000 R14: 00007f4c7d5a5fa0 R15: 00007ffdb8dcb0e8
[  109.944228][ T6500]  </TASK>
[  109.944882][ T6500] ERROR: Out of memory at tomoyo_realpath_from_path.
[  110.122781][   T30] audit: type=1400 audit(1744135438.874:294): avc:  denied  { write } for  pid=5179 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.343686][   T30] audit: type=1400 audit(1744135438.874:295): avc:  denied  { remove_name } for  pid=5179 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.401415][ T6503] tmpfs: Unknown parameter 'huge½always'
[  110.462845][   T30] audit: type=1400 audit(1744135438.874:296): avc:  denied  { rename } for  pid=5179 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  110.914258][   T30] audit: type=1400 audit(1744135438.874:297): avc:  denied  { add_name } for  pid=5179 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  111.172938][ T6517] syz.0.125 uses obsolete (PF_INET,SOCK_PACKET)
[  111.223123][   T30] audit: type=1400 audit(1744135438.874:298): avc:  denied  { unlink } for  pid=5179 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  111.803364][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  111.933035][ T5874] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  112.093302][ T5838] Bluetooth: hci4: link tx timeout
[  112.136593][ T5874] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.152774][ T5873] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  112.157173][ T5874] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  112.169929][ T5874] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  112.181649][ T5874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.207921][ T5874] usb 1-1: config 0 descriptor??
[  112.270860][ T5874] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  112.298587][ T5874] dvb-usb: bulk message failed: -22 (3/0)
[  112.337810][ T5874] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  112.348810][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  112.366530][ T5874] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  112.390186][ T5873] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  112.392752][ T5874] usb 1-1: media controller created
[  112.442297][ T5874] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  112.450761][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.452790][ T5873] usb 3-1: config 0 descriptor??
[  112.490220][ T6526] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  112.528146][ T5874] dvb-usb: bulk message failed: -22 (6/0)
[  112.546765][ T5874] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  112.555696][ T6520] tmpfs: Unknown parameter 'grpquota_anoé‰îÿÿqdlimit'
[  112.590028][ T5874] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input8
[  112.621947][ T5874] dvb-usb: schedule remote query interval to 150 msecs.
[  112.638513][ T5874] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  112.959296][ T5874] dvb-usb: bulk message failed: -22 (1/0)
[  112.976854][ T5873] elan 0003:04F3:0755.0006: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0
[  113.048710][ T5874] dvb-usb: error while querying for an remote control event.
[  113.096899][ T6543] FAULT_INJECTION: forcing a failure.
[  113.096899][ T6543] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.171220][ T6543] CPU: 1 UID: 0 PID: 6543 Comm: syz.1.132 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  113.171245][ T6543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  113.171255][ T6543] Call Trace:
[  113.171261][ T6543]  <TASK>
[  113.171267][ T6543]  dump_stack_lvl+0x16c/0x1f0
[  113.171294][ T6543]  should_fail_ex+0x512/0x640
[  113.171314][ T6543]  _copy_to_user+0x32/0xd0
[  113.171333][ T6543]  copy_siginfo_to_user+0x27/0xc0
[  113.171356][ T6543]  x64_setup_rt_frame+0x811/0xcf0
[  113.171385][ T6543]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  113.171406][ T6543]  ? __pfx___do_sys_flock+0x10/0x10
[  113.171433][ T6543]  arch_do_signal_or_restart+0x5e6/0x7d0
[  113.171458][ T6543]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  113.171485][ T6543]  ? ksys_write+0x1b9/0x240
[  113.171500][ T6543]  ? __pfx_ksys_write+0x10/0x10
[  113.171514][ T6543]  ? rcu_is_watching+0x12/0xc0
[  113.171537][ T6543]  syscall_exit_to_user_mode+0x150/0x2a0
[  113.171559][ T6543]  do_syscall_64+0xda/0x260
[  113.171582][ T6543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.171598][ T6543] RIP: 0033:0x7f557ad8d167
[  113.171610][ T6543] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  113.171623][ T6543] RSP: 002b:00007f557bbf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  113.171637][ T6543] RAX: 0000000000000049 RBX: 00007f557afa5fa0 RCX: 00007f557ad8d169
[  113.171645][ T6543] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000007
[  113.171652][ T6543] RBP: 00007f557bbf9090 R08: 0000000000000000 R09: 0000000000000000
[  113.171660][ T6543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.171667][ T6543] R13: 0000000000000000 R14: 00007f557afa5fa0 R15: 00007ffc2a2f7c68
[  113.171684][ T6543]  </TASK>
[  113.353214][ T5874] dvb-usb: bulk message failed: -22 (1/0)
[  113.358983][ T5874] dvb-usb: error while querying for an remote control event.
[  113.532780][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  113.539639][   T24] dvb-usb: error while querying for an remote control event.
[  113.717161][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  113.743651][   T24] dvb-usb: error while querying for an remote control event.
[  113.749841][ T5873] usb 3-1: USB disconnect, device number 4
[  113.778860][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  113.778873][   T30] audit: type=1400 audit(1744135442.624:306): avc:  denied  { create } for  pid=6552 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  113.845328][   T30] audit: type=1400 audit(1744135442.664:307): avc:  denied  { bind } for  pid=6552 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  113.867966][   T30] audit: type=1400 audit(1744135442.684:308): avc:  denied  { setopt } for  pid=6552 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  113.906445][   T30] audit: type=1400 audit(1744135442.684:309): avc:  denied  { accept } for  pid=6552 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  113.932934][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  113.995989][    T9] usb 1-1: USB disconnect, device number 6
[  114.140507][   T30] audit: type=1400 audit(1744135442.684:310): avc:  denied  { write } for  pid=6552 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  114.256641][   T30] audit: type=1400 audit(1744135442.684:311): avc:  denied  { read } for  pid=6552 comm="syz.4.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  114.364302][   T30] audit: type=1400 audit(1744135443.134:312): avc:  denied  { name_bind } for  pid=6545 comm="syz.3.133" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  114.426786][ T6546] xt_hashlimit: max too large, truncated to 1048576
[  114.471894][   T30] audit: type=1400 audit(1744135443.184:313): avc:  denied  { unlink } for  pid=6551 comm="syz.1.136" name="#1" dev="tmpfs" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  114.612956][   T30] audit: type=1400 audit(1744135443.194:314): avc:  denied  { mount } for  pid=6551 comm="syz.1.136" name="/" dev="overlay" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  114.854113][   T24] dvb-usb: error while querying for an remote control event.
[  118.261812][    T9] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  119.219414][ T5873] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  119.583066][   T30] audit: type=1400 audit(1744135448.434:315): avc:  denied  { create } for  pid=6594 comm="syz.2.146" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  119.620892][ T6595] bio_check_eod: 2 callbacks suppressed
[  119.620902][ T6595] syz.2.146: attempt to access beyond end of device
[  119.620902][ T6595] loop5: rw=0, sector=0, nr_sectors = 1 limit=0
[  119.639338][ T6595] FAT-fs (loop5): unable to read boot sector
[  119.646061][   T30] audit: type=1400 audit(1744135448.464:316): avc:  denied  { mounton } for  pid=6594 comm="syz.2.146" path="/29/file0" dev="tmpfs" ino=167 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  119.692780][ T5873] usb 4-1: Using ep0 maxpacket: 32
[  119.705275][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  119.729903][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024
[  119.772519][ T5873] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  119.852124][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.996221][ T5873] usb 4-1: config 0 descriptor??
[  120.580593][ T5873] hub 4-1:0.0: USB hub found
[  120.612582][   T30] audit: type=1400 audit(1744135449.454:317): avc:  denied  { unlink } for  pid=5819 comm="syz-executor" name="file0" dev="tmpfs" ino=167 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  120.779680][ T5873] hub 4-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  120.976117][ T6615] No control pipe specified
[  121.354225][ T5873] hid-generic 0003:046D:C31C.0007: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.3-1/input0
[  121.456530][ T6585] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  121.464863][ T6585] audit: out of memory in audit_log_start
[  121.502778][   T30] audit: type=1326 audit(1744135450.344:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6606 comm="syz.2.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd1cf8d169 code=0x7fc00000
[  121.633664][    T9] usb 4-1: USB disconnect, device number 2
[  123.293956][ T6645] @: renamed from vlan0 (while UP)
[  125.423038][ T5837] Bluetooth: hci4: link tx timeout
[  125.449024][   T30] audit: type=1400 audit(1744135454.294:319): avc:  denied  { getopt } for  pid=6650 comm="syz.3.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  125.449198][ T6651] sctp: [Deprecated]: syz.3.160 (pid 6651) Use of struct sctp_assoc_value in delayed_ack socket option.
[  125.449198][ T6651] Use struct sctp_sack_info instead
[  125.668383][ T6660] FAULT_INJECTION: forcing a failure.
[  125.668383][ T6660] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.681868][ T6660] CPU: 1 UID: 0 PID: 6660 Comm: syz.2.159 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  125.681883][ T6660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  125.681889][ T6660] Call Trace:
[  125.681892][ T6660]  <TASK>
[  125.681896][ T6660]  dump_stack_lvl+0x16c/0x1f0
[  125.681915][ T6660]  should_fail_ex+0x512/0x640
[  125.681929][ T6660]  _copy_from_user+0x2e/0xd0
[  125.681942][ T6660]  copy_from_sockptr_offset+0x15c/0x1b0
[  125.681958][ T6660]  ? __pfx_copy_from_sockptr_offset+0x10/0x10
[  125.681974][ T6660]  ? find_held_lock+0x2b/0x80
[  125.681996][ T6660]  do_tcp_getsockopt+0xe6a/0x26c0
[  125.682010][ T6660]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  125.682020][ T6660]  ? unwind_get_return_address+0x59/0xa0
[  125.682040][ T6660]  ? __lock_acquire+0xaa4/0x1ba0
[  125.682048][ T6660]  ? _parse_integer_limit+0x17f/0x1d0
[  125.682068][ T6660]  ? find_held_lock+0x2b/0x80
[  125.682081][ T6660]  ? avc_has_perm_noaudit+0x117/0x3b0
[  125.682095][ T6660]  ? avc_has_perm_noaudit+0x149/0x3b0
[  125.682106][ T6660]  ? avc_has_perm+0x11a/0x1c0
[  125.682116][ T6660]  ? __pfx_avc_has_perm+0x10/0x10
[  125.682128][ T6660]  ? __lock_acquire+0xaa4/0x1ba0
[  125.682139][ T6660]  ? sock_has_perm+0x259/0x2f0
[  125.682154][ T6660]  ? find_held_lock+0x2b/0x80
[  125.682167][ T6660]  ? __might_fault+0xe3/0x190
[  125.682178][ T6660]  ? __might_fault+0xe3/0x190
[  125.682187][ T6660]  ? __might_fault+0x13b/0x190
[  125.682199][ T6660]  tcp_getsockopt+0xdf/0x100
[  125.682210][ T6660]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  125.682227][ T6660]  do_sock_getsockopt+0x3fc/0x800
[  125.682243][ T6660]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  125.682257][ T6660]  ? __fget_files+0x204/0x3c0
[  125.682274][ T6660]  __sys_getsockopt+0x12f/0x260
[  125.682288][ T6660]  __x64_sys_getsockopt+0xbd/0x160
[  125.682299][ T6660]  ? do_syscall_64+0x91/0x260
[  125.682313][ T6660]  ? lockdep_hardirqs_on+0x7c/0x110
[  125.682326][ T6660]  do_syscall_64+0xcd/0x260
[  125.682341][ T6660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.682351][ T6660] RIP: 0033:0x7fdd1cf8d169
[  125.682361][ T6660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.682370][ T6660] RSP: 002b:00007fdd1dea5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  125.682380][ T6660] RAX: ffffffffffffffda RBX: 00007fdd1d1a6080 RCX: 00007fdd1cf8d169
[  125.682387][ T6660] RDX: 000000000000001a RSI: 0000000000000006 RDI: 0000000000000003
[  125.682392][ T6660] RBP: 00007fdd1dea5090 R08: 00002000000001c0 R09: 0000000000000000
[  125.682398][ T6660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.682404][ T6660] R13: 0000000000000001 R14: 00007fdd1d1a6080 R15: 00007fff48fb9f98
[  125.682416][ T6660]  </TASK>
[  125.957350][   T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  126.082827][  T910] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  126.112478][ T6659] tmpfs: Unknown parameter 'huge½always'
[  126.244065][  T910] usb 4-1: config 0 has an invalid interface number: 93 but max is 0
[  126.254426][  T910] usb 4-1: config 0 has no interface number 0
[  126.266601][  T910] usb 4-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  126.278940][  T910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.288585][  T910] usb 4-1: Product: syz
[  126.295203][   T10] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  126.298212][  T910] usb 4-1: Manufacturer: syz
[  126.309608][  T910] usb 4-1: SerialNumber: syz
[  126.337455][  T910] usb 4-1: config 0 descriptor??
[  126.373627][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.452896][   T10] usb 2-1: Product: syz
[  126.472893][   T10] usb 2-1: Manufacturer: syz
[  126.514838][   T10] usb 2-1: SerialNumber: syz
[  126.545805][   T10] usb 2-1: config 0 descriptor??
[  126.624460][ T6667] tmpfs: Unknown parameter 'huge½always'
[  127.021004][ T6672] smc: net device bond0 applied user defined pnetid SYZ0
[  127.031576][ T6672] netlink: 28 bytes leftover after parsing attributes in process `syz.3.161'.
[  127.509982][   T10] usb 2-1: Firmware: major: 107, minor: 86, hardware type: RZUSB (3)
[  127.520753][ T6674] No control pipe specified
[  128.065226][   T10] usb 2-1: failed to fetch extended address, random address set
[  128.111756][   T30] audit: type=1400 audit(1744135456.944:320): avc:  denied  { getopt } for  pid=6678 comm="syz.2.166" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  128.155941][   T10] usb 2-1: USB disconnect, device number 4
[  128.665036][  T910] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in cold state, will try to load a firmware
[  128.727042][  T910] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  128.728825][   T30] audit: type=1400 audit(1744135457.574:321): avc:  denied  { firmware_load } for  pid=910 comm="kworker/1:2" path="/lib/firmware/dvb-usb-dib0700-1.20.fw" dev="sda1" ino=376 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  128.775109][ T6686] capability: warning: `syz.4.168' uses deprecated v2 capabilities in a way that may be insecure
[  128.798348][  T910] dib0700: firmware download failed at 7 with -22
[  128.841544][  T910] usb 4-1: USB disconnect, device number 3
[  128.925570][   T30] audit: type=1400 audit(1744135457.634:322): avc:  denied  { bind } for  pid=6684 comm="syz.1.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  128.965703][   T30] audit: type=1400 audit(1744135457.704:323): avc:  denied  { ioctl } for  pid=6683 comm="syz.0.167" path="/dev/input/event2" dev="devtmpfs" ino=922 ioctlcmd=0x45a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  129.086000][ T6697] FAULT_INJECTION: forcing a failure.
[  129.086000][ T6697] name failslab, interval 1, probability 0, space 0, times 0
[  129.098900][ T6697] CPU: 1 UID: 0 PID: 6697 Comm: syz.3.170 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  129.098927][ T6697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  129.098936][ T6697] Call Trace:
[  129.098943][ T6697]  <TASK>
[  129.098949][ T6697]  dump_stack_lvl+0x16c/0x1f0
[  129.098977][ T6697]  should_fail_ex+0x512/0x640
[  129.098994][ T6697]  ? __kmalloc_noprof+0xbf/0x510
[  129.099013][ T6697]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  129.099038][ T6697]  should_failslab+0xc2/0x120
[  129.099057][ T6697]  __kmalloc_noprof+0xd2/0x510
[  129.099075][ T6697]  ? avc_has_perm_noaudit+0x149/0x3b0
[  129.099095][ T6697]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  129.099126][ T6697]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  129.099152][ T6697]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  129.099185][ T6697]  ? bpf_lsm_capable+0x9/0x10
[  129.099201][ T6697]  ? security_capable+0x7e/0x260
[  129.099221][ T6697]  ? ns_capable+0xd7/0x110
[  129.099244][ T6697]  genl_rcv_msg+0x55c/0x800
[  129.099271][ T6697]  ? __pfx_genl_rcv_msg+0x10/0x10
[  129.099294][ T6697]  ? __pfx___dev_queue_xmit+0x10/0x10
[  129.099310][ T6697]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  129.099332][ T6697]  ? __pfx_nl80211_new_interface+0x10/0x10
[  129.099352][ T6697]  ? __pfx_nl80211_post_doit+0x10/0x10
[  129.099375][ T6697]  ? __lock_acquire+0xaa4/0x1ba0
[  129.099397][ T6697]  netlink_rcv_skb+0x16a/0x440
[  129.099418][ T6697]  ? __pfx_genl_rcv_msg+0x10/0x10
[  129.099443][ T6697]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  129.099476][ T6697]  ? rcu_preempt_deferred_qs_irqrestore+0x4f5/0xbc0
[  129.099503][ T6697]  ? __pfx_down_read+0x10/0x10
[  129.099534][ T6697]  genl_rcv+0x28/0x40
[  129.099555][ T6697]  netlink_unicast+0x53a/0x7f0
[  129.099580][ T6697]  ? __pfx_netlink_unicast+0x10/0x10
[  129.099610][ T6697]  netlink_sendmsg+0x8d1/0xdd0
[  129.099636][ T6697]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.099660][ T6697]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.099685][ T6697]  ____sys_sendmsg+0xa95/0xc70
[  129.099711][ T6697]  ? copy_msghdr_from_user+0x10a/0x160
[  129.099731][ T6697]  ? __pfx_____sys_sendmsg+0x10/0x10
[  129.099761][ T6697]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  129.099787][ T6697]  ___sys_sendmsg+0x134/0x1d0
[  129.099809][ T6697]  ? __pfx____sys_sendmsg+0x10/0x10
[  129.099861][ T6697]  __sys_sendmsg+0x16d/0x220
[  129.099881][ T6697]  ? __pfx___sys_sendmsg+0x10/0x10
[  129.099923][ T6697]  do_syscall_64+0xcd/0x260
[  129.099947][ T6697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.099964][ T6697] RIP: 0033:0x7f493058d169
[  129.099977][ T6697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.099992][ T6697] RSP: 002b:00007f4931451038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  129.100008][ T6697] RAX: ffffffffffffffda RBX: 00007f49307a6160 RCX: 00007f493058d169
[  129.100018][ T6697] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  129.100028][ T6697] RBP: 00007f4931451090 R08: 0000000000000000 R09: 0000000000000000
[  129.100037][ T6697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.100047][ T6697] R13: 0000000000000000 R14: 00007f49307a6160 R15: 00007ffc14372c98
[  129.100069][ T6697]  </TASK>
[  129.431872][   T30] audit: type=1400 audit(1744135457.874:324): avc:  denied  { connect } for  pid=6691 comm="syz.3.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  129.456572][   T30] audit: type=1400 audit(1744135458.304:325): avc:  denied  { ioctl } for  pid=6678 comm="syz.2.166" path="socket:[10822]" dev="sockfs" ino=10822 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  129.481226][   T30] audit: type=1400 audit(1744135458.304:326): avc:  denied  { connect } for  pid=6678 comm="syz.2.166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  129.613841][   T24] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  129.815437][   T24] usb 1-1: Using ep0 maxpacket: 8
[  129.831464][   T24] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  129.842852][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.855044][ T6702] @: renamed from vlan0 (while UP)
[  129.858209][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.874372][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  129.897531][   T24] usb 1-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[  129.925522][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.077935][   T24] usb 1-1: config 0 descriptor??
[  130.154972][ T6710] FAULT_INJECTION: forcing a failure.
[  130.154972][ T6710] name failslab, interval 1, probability 0, space 0, times 0
[  130.168436][ T6710] CPU: 1 UID: 0 PID: 6710 Comm: syz.1.172 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  130.168457][ T6710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  130.168467][ T6710] Call Trace:
[  130.168472][ T6710]  <TASK>
[  130.168479][ T6710]  dump_stack_lvl+0x16c/0x1f0
[  130.168505][ T6710]  should_fail_ex+0x512/0x640
[  130.168523][ T6710]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  130.168550][ T6710]  should_failslab+0xc2/0x120
[  130.168569][ T6710]  __kmalloc_cache_noprof+0x6a/0x3e0
[  130.168593][ T6710]  ? input_allocate_device+0x44/0x350
[  130.168621][ T6710]  input_allocate_device+0x44/0x350
[  130.168644][ T6710]  uinput_write+0x990/0x12b0
[  130.168663][ T6710]  ? inode_security+0x101/0x130
[  130.168687][ T6710]  ? __pfx_uinput_write+0x10/0x10
[  130.168706][ T6710]  ? bpf_lsm_file_permission+0x9/0x10
[  130.168728][ T6710]  ? security_file_permission+0x71/0x210
[  130.168754][ T6710]  ? rw_verify_area+0xcf/0x680
[  130.168779][ T6710]  vfs_write+0x25c/0x1180
[  130.168792][ T6710]  ? __pfx_uinput_write+0x10/0x10
[  130.168814][ T6710]  ? __pfx_vfs_write+0x10/0x10
[  130.168827][ T6710]  ? find_held_lock+0x2b/0x80
[  130.168849][ T6710]  ? __fget_files+0x204/0x3c0
[  130.168869][ T6710]  ? __fget_files+0x20e/0x3c0
[  130.168883][ T6710]  ? fdget_pos+0x70/0x370
[  130.168911][ T6710]  ksys_write+0x205/0x240
[  130.168925][ T6710]  ? __pfx_ksys_write+0x10/0x10
[  130.168948][ T6710]  do_syscall_64+0xcd/0x260
[  130.168971][ T6710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.168987][ T6710] RIP: 0033:0x7f557ad8d169
[  130.169001][ T6710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.169016][ T6710] RSP: 002b:00007f557bbb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  130.169031][ T6710] RAX: ffffffffffffffda RBX: 00007f557afa6160 RCX: 00007f557ad8d169
[  130.169041][ T6710] RDX: 000000000000045c RSI: 00002000000002c0 RDI: 000000000000000a
[  130.169050][ T6710] RBP: 00007f557bbb7090 R08: 0000000000000000 R09: 0000000000000000
[  130.169059][ T6710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.169068][ T6710] R13: 0000000000000000 R14: 00007f557afa6160 R15: 00007ffc2a2f7c68
[  130.169091][ T6710]  </TASK>
[  130.302702][   T30] audit: type=1400 audit(1744135458.994:327): avc:  denied  { mount } for  pid=6704 comm="syz.1.172" name="/" dev="rpc_pipefs" ino=10839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  131.165359][   T30] audit: type=1400 audit(1744135459.584:328): avc:  denied  { append } for  pid=6712 comm="syz.2.174" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  131.360703][ T6688] netlink: 8 bytes leftover after parsing attributes in process `syz.0.167'.
[  131.425281][   T30] audit: type=1400 audit(1744135460.274:329): avc:  denied  { block_suspend } for  pid=6683 comm="syz.0.167" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  131.442762][  T972] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  131.993068][  T972] usb 4-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  132.388514][   T24] usbhid 1-1:0.0: can't add hid device: -71
[  132.396285][  T972] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.407174][  T972] usb 4-1: config 0 descriptor??
[  132.410109][   T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  132.445746][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  132.452181][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  132.538030][   T24] usb 1-1: USB disconnect, device number 7
[  132.832482][  T972] hackrf 4-1:0.0: usb_control_msg() failed -71 request 0f
[  132.930513][  T972] hackrf 4-1:0.0: Could not detect board
[  133.507323][  T972] hackrf 4-1:0.0: probe with driver hackrf failed with error -71
[  133.517961][   T30] audit: type=1400 audit(1744135462.364:330): avc:  denied  { create } for  pid=6735 comm="syz.1.180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  133.905726][  T972] usb 4-1: USB disconnect, device number 4
[  134.322841][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  134.412888][  T972] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  134.461179][   T30] audit: type=1400 audit(1744135462.394:331): avc:  denied  { write } for  pid=6735 comm="syz.1.180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  134.652774][    T9] usb 3-1: Using ep0 maxpacket: 8
[  134.726290][    T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  134.743062][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.922153][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.233868][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  135.247812][    T9] usb 3-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[  135.256918][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.264884][   T30] audit: type=1326 audit(1744135464.094:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6746 comm="syz.1.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557ad8d169 code=0x7ffc0000
[  135.264928][   T30] audit: type=1326 audit(1744135464.094:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6746 comm="syz.1.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557ad8d169 code=0x7ffc0000
[  135.387775][    T9] usb 3-1: config 0 descriptor??
[  135.461094][   T30] audit: type=1326 audit(1744135464.304:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6746 comm="syz.1.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f557ad8d169 code=0x7ffc0000
[  135.596277][   T30] audit: type=1326 audit(1744135464.334:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6746 comm="syz.1.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557ad8d169 code=0x7ffc0000
[  135.622097][   T30] audit: type=1326 audit(1744135464.404:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6746 comm="syz.1.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f557ad8d169 code=0x7ffc0000
[  135.651086][   T30] audit: type=1326 audit(1744135464.404:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6746 comm="syz.1.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f557ad8d169 code=0x7ffc0000
[  135.745397][ T5829] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  135.812361][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  135.819390][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  135.839697][    T9] usb 3-1: USB disconnect, device number 5
[  135.849569][ T6756] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  135.950269][ T5829] usb 5-1: Using ep0 maxpacket: 16
[  135.994160][ T5829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.013025][ T5829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.023324][ T5829] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  136.042782][ T5829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.137626][ T5829] usb 5-1: config 0 descriptor??
[  136.175058][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  136.175070][   T30] audit: type=1400 audit(1744135465.014:347): avc:  denied  { read write } for  pid=6764 comm="syz.1.187" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  136.377606][ T6770] @: renamed from vlan0 (while UP)
[  136.380174][ T6772] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  136.391849][   T30] audit: type=1400 audit(1744135465.064:348): avc:  denied  { open } for  pid=6764 comm="syz.1.187" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  136.553749][ T6755] fuse: Bad value for 'rootmode'
[  137.046558][   T30] audit: type=1400 audit(1744135465.894:349): avc:  denied  { unmount } for  pid=5831 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  137.125470][ T5829] usbhid 5-1:0.0: can't add hid device: -71
[  137.982840][ T5829] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  138.157291][ T5829] usb 5-1: USB disconnect, device number 4
[  138.376103][   T30] audit: type=1400 audit(1744135467.224:350): avc:  denied  { create } for  pid=6782 comm="syz.1.192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  138.398972][ T6783] delete_channel: no stack
[  138.414666][ T6782] delete_channel: no stack
[  138.452588][   T30] audit: type=1400 audit(1744135467.264:351): avc:  denied  { accept } for  pid=6782 comm="syz.1.192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  138.816016][   T30] audit: type=1400 audit(1744135467.464:352): avc:  denied  { ioctl } for  pid=6784 comm="syz.0.193" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  139.099861][ T5876] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  139.136293][ T6798] netlink: 220 bytes leftover after parsing attributes in process `syz.2.198'.
[  139.337666][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.254775][ T5876] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  142.373641][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.462915][ T6824] delete_channel: no stack
[  142.471841][ T6823] delete_channel: no stack
[  142.522062][   T30] audit: type=1400 audit(1744135471.314:353): avc:  denied  { create } for  pid=6823 comm="syz.2.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  142.583981][   T30] audit: type=1400 audit(1744135471.314:354): avc:  denied  { ioctl } for  pid=6823 comm="syz.2.204" path="socket:[11680]" dev="sockfs" ino=11680 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  142.613727][ T5876] usb 2-1: config 0 descriptor??
[  143.646000][ T5876] usb 2-1: can't set config #0, error -71
[  145.137837][   T30] audit: type=1400 audit(1744135471.474:355): avc:  denied  { write } for  pid=6826 comm="syz.2.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  145.569288][ T5876] usb 2-1: USB disconnect, device number 5
[  145.579480][   T30] audit: type=1400 audit(1744135471.474:356): avc:  denied  { read } for  pid=6826 comm="syz.2.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  145.598876][   T30] audit: type=1400 audit(1744135472.084:357): avc:  denied  { write } for  pid=6822 comm="syz.0.203" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  145.854612][ T6843] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  146.092806][ T5876] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  146.257125][ T5876] usb 2-1: Using ep0 maxpacket: 32
[  146.264649][ T5876] usb 2-1: too many configurations: 54, using maximum allowed: 8
[  146.277558][ T5876] usb 2-1: unable to read config index 0 descriptor/start: -61
[  146.286297][ T5876] usb 2-1: can't read configurations, error -61
[  146.422824][ T5876] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  146.462825][  T972] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  146.878855][   T30] audit: type=1400 audit(1744135475.724:358): avc:  denied  { create } for  pid=6854 comm="syz.2.212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  146.901937][ T6859] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  146.912561][   T30] audit: type=1400 audit(1744135475.744:359): avc:  denied  { bind } for  pid=6854 comm="syz.2.212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  147.000058][ T5876] usb 2-1: Using ep0 maxpacket: 32
[  147.246654][ T5876] usb 2-1: too many configurations: 54, using maximum allowed: 8
[  147.247245][  T972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.266025][  T972] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  147.282732][  T972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.301312][  T972] usb 5-1: config 0 descriptor??
[  147.305019][ T5876] usb 2-1: unable to read config index 0 descriptor/start: -61
[  147.324724][ T5876] usb 2-1: can't read configurations, error -61
[  147.364484][ T5876] usb usb2-port1: attempt power cycle
[  147.477705][ T6856] ptrace attach of ""[6860] was attempted by "./syz-executor exec"[6856]
[  147.800427][ T5876] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  148.280351][  T972] keytouch 0003:0926:3333.0008: fixing up Keytouch IEC report descriptor
[  148.297424][  T972] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0008/input/input9
[  148.399478][ T5876] usb 2-1: Using ep0 maxpacket: 32
[  148.686247][ T5876] usb 2-1: too many configurations: 54, using maximum allowed: 8
[  148.701916][   T30] audit: type=1400 audit(1744135477.544:360): avc:  denied  { setopt } for  pid=6871 comm="syz.2.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  148.777612][ T5876] usb 2-1: unable to read config index 0 descriptor/start: -71
[  148.785416][ T5876] usb 2-1: can't read configurations, error -71
[  149.042440][  T972] keytouch 0003:0926:3333.0008: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  149.122181][ T6885] @: renamed from vlan0 (while UP)
[  149.502161][  T972] usb 5-1: USB disconnect, device number 5
[  150.462606][   T30] audit: type=1400 audit(1744135479.304:361): avc:  denied  { append } for  pid=6883 comm="syz.3.221" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  150.487599][ T6887] loop6: detected capacity change from 0 to 524287999
[  150.503357][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.512725][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.522016][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.531130][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.540628][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.549771][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.558938][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.568096][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.577226][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.586364][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.596584][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.605725][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.613812][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.622969][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.634563][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.643771][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.651605][ T6887] ldm_validate_partition_table(): Disk read failed.
[  150.659746][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.668944][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.678856][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.688024][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  150.701885][ T6887] Dev loop6: unable to read RDB block 0
[  150.711852][ T6887]  loop6: unable to read partition table
[  150.717604][ T6887] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  151.556026][ T6901] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  151.631977][ T6901] ptrace attach of ""[6903] was attempted by "./syz-executor exec"[6901]
[  152.220628][ T6912] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  153.219728][  T972] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  153.702872][  T972] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[  153.711016][  T972] usb 5-1: config 0 has an invalid descriptor of length 130, skipping remainder of the config
[  153.782811][  T972] usb 5-1: config 0 has no interface number 0
[  153.788970][  T972] usb 5-1: too many endpoints for config 0 interface 52 altsetting 39: 68, using maximum allowed: 30
[  153.809975][  T972] usb 5-1: config 0 interface 52 altsetting 39 has 0 endpoint descriptors, different from the interface descriptor's value: 68
[  153.854324][ T6930] tmpfs: Unknown parameter 'huge½always'
[  154.135255][  T972] usb 5-1: config 0 interface 52 has no altsetting 0
[  154.162577][  T972] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  154.174823][  T972] usb 5-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  154.195208][  T972] usb 5-1: Product: syz
[  154.239375][ T6940] delete_channel: no stack
[  154.277101][  T972] usb 5-1: Manufacturer: syz
[  154.286342][  T972] usb 5-1: SerialNumber: syz
[  154.286654][   T30] audit: type=1400 audit(1744135483.094:362): avc:  denied  { setopt } for  pid=6939 comm="syz.3.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  154.311028][  T972] usb 5-1: config 0 descriptor??
[  154.487954][   T30] audit: type=1400 audit(1744135483.094:363): avc:  denied  { ioctl } for  pid=6939 comm="syz.3.233" path="socket:[11975]" dev="sockfs" ino=11975 ioctlcmd=0x9371 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  154.608565][  T972] usb 5-1: selecting invalid altsetting 1
[  154.630114][  T972] usb 5-1: Can not set alternate setting to 1, error: -22
[  154.640290][  T972] synaptics_usb 5-1:0.52: probe with driver synaptics_usb failed with error -22
[  154.668476][  T972] usb 5-1: USB disconnect, device number 6
[  154.678954][   T30] audit: type=1400 audit(1744135483.104:364): avc:  denied  { create } for  pid=6939 comm="syz.3.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  154.728930][   T30] audit: type=1400 audit(1744135483.104:365): avc:  denied  { write } for  pid=6939 comm="syz.3.233" path="socket:[12038]" dev="sockfs" ino=12038 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  155.056415][ T6951] FAULT_INJECTION: forcing a failure.
[  155.056415][ T6951] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.096604][ T6951] CPU: 1 UID: 0 PID: 6951 Comm: syz.1.235 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  155.096631][ T6951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  155.096640][ T6951] Call Trace:
[  155.096645][ T6951]  <TASK>
[  155.096650][ T6951]  dump_stack_lvl+0x16c/0x1f0
[  155.096679][ T6951]  should_fail_ex+0x512/0x640
[  155.096702][ T6951]  _copy_from_iter+0x2a4/0x15b0
[  155.096725][ T6951]  ? __alloc_skb+0x200/0x380
[  155.096745][ T6951]  ? __pfx__copy_from_iter+0x10/0x10
[  155.096767][ T6951]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  155.096797][ T6951]  netlink_sendmsg+0x829/0xdd0
[  155.096824][ T6951]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.096855][ T6951]  ____sys_sendmsg+0xa95/0xc70
[  155.096881][ T6951]  ? copy_msghdr_from_user+0x10a/0x160
[  155.096901][ T6951]  ? __pfx_____sys_sendmsg+0x10/0x10
[  155.096929][ T6951]  ? __pfx__kstrtoull+0x10/0x10
[  155.096959][ T6951]  ___sys_sendmsg+0x134/0x1d0
[  155.096981][ T6951]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.097012][ T6951]  ? find_held_lock+0x2b/0x80
[  155.097050][ T6951]  __sys_sendmmsg+0x200/0x420
[  155.097074][ T6951]  ? __pfx___sys_sendmmsg+0x10/0x10
[  155.097103][ T6951]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  155.097136][ T6951]  ? fput+0x70/0xf0
[  155.097156][ T6951]  ? ksys_write+0x1b9/0x240
[  155.097171][ T6951]  ? __pfx_ksys_write+0x10/0x10
[  155.097185][ T6951]  ? rcu_is_watching+0x12/0xc0
[  155.097209][ T6951]  __x64_sys_sendmmsg+0x9c/0x100
[  155.097239][ T6951]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.097265][ T6951]  do_syscall_64+0xcd/0x260
[  155.097290][ T6951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.097307][ T6951] RIP: 0033:0x7f557ad8d169
[  155.097322][ T6951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.097338][ T6951] RSP: 002b:00007f557bbf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  155.097355][ T6951] RAX: ffffffffffffffda RBX: 00007f557afa5fa0 RCX: 00007f557ad8d169
[  155.097366][ T6951] RDX: 0492492492492627 RSI: 00002000000000c0 RDI: 0000000000000003
[  155.097376][ T6951] RBP: 00007f557bbf9090 R08: 0000000000000000 R09: 0000000000000000
[  155.097387][ T6951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.097396][ T6951] R13: 0000000000000000 R14: 00007f557afa5fa0 R15: 00007ffc2a2f7c68
[  155.097419][ T6951]  </TASK>
[  155.481662][ T6955] RDS: rds_bind could not find a transport for ::ffff:172.30.0.1, load rds_tcp or rds_rdma?
[  155.548926][ T6953] ptrace attach of ""[6956] was attempted by "./syz-executor exec"[6953]
[  157.036867][ T5837] Bluetooth: hci4: link tx timeout
[  157.072765][ T5876] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  157.852331][ T5876] usb 5-1: config index 0 descriptor too short (expected 15795, got 36)
[  157.864853][ T5876] usb 5-1: config 3 has too many interfaces: 64, using maximum allowed: 32
[  157.881272][ T5876] usb 5-1: config 3 has an invalid descriptor of length 156, skipping remainder of the config
[  157.984815][ T5876] usb 5-1: config 3 has 0 interfaces, different from the descriptor's value: 64
[  158.072521][ T5876] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  158.090044][ T5876] usb 5-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  158.098867][ T5876] usb 5-1: Product: syz
[  158.103306][ T5876] usb 5-1: Manufacturer: syz
[  158.107894][ T5876] usb 5-1: SerialNumber: syz
[  158.911699][   T30] audit: type=1400 audit(1744135487.754:366): avc:  denied  { write } for  pid=6986 comm="syz.1.246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  159.083049][ T5874] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  159.091047][   T30] audit: type=1400 audit(1744135487.934:367): avc:  denied  { append } for  pid=6986 comm="syz.1.246" name="sg0" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  159.348489][ T5876] usb 5-1: USB disconnect, device number 7
[  159.355644][   T30] audit: type=1400 audit(1744135487.934:368): avc:  denied  { ioctl } for  pid=6986 comm="syz.1.246" path="/dev/sg0" dev="devtmpfs" ino=732 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  159.423635][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.543239][ T5874] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  159.562822][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.574694][ T5874] usb 4-1: config 0 descriptor??
[  160.245638][ T5874] keytouch 0003:0926:3333.0009: fixing up Keytouch IEC report descriptor
[  160.263802][ T5874] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0009/input/input10
[  160.800266][ T6985] xt_policy: neither incoming nor outgoing policy selected
[  160.842452][ T5874] keytouch 0003:0926:3333.0009: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  160.994582][ T5874] usb 4-1: USB disconnect, device number 6
[  163.968562][   T30] audit: type=1400 audit(1744135492.814:369): avc:  denied  { watch watch_reads } for  pid=7027 comm="syz.0.257" path="/46" dev="tmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  163.991180][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.815940][ T5872] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  164.985125][ T5872] usb 2-1: Using ep0 maxpacket: 32
[  164.991635][ T5872] usb 2-1: unable to get BOS descriptor set
[  165.059264][ T7044] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  165.314434][ T5872] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  165.330234][ T5872] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  165.365098][ T5872] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  165.597354][ T5872] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  165.616230][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.646983][ T5872] usb 2-1: Product: syz
[  165.662467][ T5872] usb 2-1: Manufacturer: syz
[  165.677506][ T5872] usb 2-1: SerialNumber: syz
[  165.803453][ T5829] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  165.912869][  T910] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  165.964873][ T5829] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  165.973632][ T5829] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.994581][ T5829] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  166.038419][ T5872] usb 2-1: 0:2 : does not exist
[  166.061397][ T5872] usb 2-1: USB disconnect, device number 10
[  166.066117][ T5829] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  166.119416][  T910] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[  166.130698][  T910] usb 5-1: config 0 has an invalid descriptor of length 130, skipping remainder of the config
[  166.145599][  T910] usb 5-1: config 0 has no interface number 0
[  167.003511][  T910] usb 5-1: config 0 interface 52 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  167.036316][ T5841] udevd[5841]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  167.069206][ T5829] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  167.083166][  T910] usb 5-1: config 0 interface 52 has no altsetting 0
[  167.093188][  T910] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  167.102388][ T5829] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  167.110525][  T910] usb 5-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  167.118959][  T910] usb 5-1: Product: syz
[  167.123211][  T910] usb 5-1: Manufacturer: syz
[  167.127847][  T910] usb 5-1: SerialNumber: syz
[  167.151399][  T910] usb 5-1: config 0 descriptor??
[  167.156623][ T5829] usb 3-1: Product: syz
[  167.169762][ T5829] usb 3-1: Manufacturer: syz
[  167.287820][ T5829] cdc_wdm 3-1:1.0: skipping garbage
[  167.293294][ T5829] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[  167.726585][  T910] usb 5-1: Can not set alternate setting to 1, error: -71
[  167.740188][  T910] synaptics_usb 5-1:0.52: probe with driver synaptics_usb failed with error -71
[  167.782086][  T910] usb 5-1: USB disconnect, device number 8
[  167.797136][  T972] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  167.810971][  T972] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  168.365293][ T7082] tmpfs: Unknown parameter 'huge½always'
[  169.395526][    T9] usb 3-1: USB disconnect, device number 6
[  169.740453][ T7098] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  169.749252][   T30] audit: type=1400 audit(1744135498.594:370): avc:  denied  { write } for  pid=7096 comm="syz.4.279" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  169.901377][    T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  170.542788][    T9] usb 3-1: Using ep0 maxpacket: 8
[  170.556466][    T9] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  170.572749][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.659304][    T9] usb 3-1: Product: syz
[  170.663859][    T9] usb 3-1: Manufacturer: syz
[  170.668431][    T9] usb 3-1: SerialNumber: syz
[  170.683505][    T9] usb 3-1: config 0 descriptor??
[  170.691771][    T9] gspca_main: sq930x-2.14.0 probing 2770:930c
[  171.112870][    T9] gspca_sq930x: reg_r 001f failed -71
[  171.118408][    T9] sq930x 3-1:0.0: probe with driver sq930x failed with error -71
[  172.024588][    T9] usb 3-1: USB disconnect, device number 7
[  172.178091][ T7118] batadv_slave_1: entered promiscuous mode
[  172.186636][   T30] audit: type=1400 audit(1744135501.024:371): avc:  denied  { setopt } for  pid=7116 comm="syz.0.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  172.232918][ T7116] batadv_slave_1: left promiscuous mode
[  172.340756][   T30] audit: type=1400 audit(1744135501.174:372): avc:  denied  { bind } for  pid=7119 comm="syz.3.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  172.359998][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.068154][ T7166] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  175.293907][ T5874] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  175.304599][   T30] audit: type=1400 audit(1744135504.134:373): avc:  denied  { read } for  pid=7164 comm="syz.0.298" name="sg0" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  175.327880][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.465059][ T5874] usb 3-1: Using ep0 maxpacket: 8
[  175.671802][ T5874] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  175.681015][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.692041][ T5874] usb 3-1: Product: syz
[  175.696329][ T5874] usb 3-1: Manufacturer: syz
[  175.701995][ T5874] usb 3-1: SerialNumber: syz
[  175.709808][ T5874] usb 3-1: config 0 descriptor??
[  175.726025][ T5874] gspca_main: sq930x-2.14.0 probing 2770:930c
[  176.267248][ T5874] gspca_sq930x: reg_r 001f failed -71
[  176.399167][ T5874] sq930x 3-1:0.0: probe with driver sq930x failed with error -71
[  176.412894][ T5874] usb 3-1: USB disconnect, device number 8
[  176.504315][ T7181] FAULT_INJECTION: forcing a failure.
[  176.504315][ T7181] name failslab, interval 1, probability 0, space 0, times 0
[  176.517180][ T7181] CPU: 1 UID: 0 PID: 7181 Comm: syz.0.302 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  176.517202][ T7181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  176.517212][ T7181] Call Trace:
[  176.517218][ T7181]  <TASK>
[  176.517224][ T7181]  dump_stack_lvl+0x16c/0x1f0
[  176.517250][ T7181]  should_fail_ex+0x512/0x640
[  176.517267][ T7181]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  176.517290][ T7181]  should_failslab+0xc2/0x120
[  176.517310][ T7181]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  176.517330][ T7181]  ? resume_store+0x1b8/0x460
[  176.517353][ T7181]  kstrndup+0x6d/0x160
[  176.517375][ T7181]  resume_store+0x1b8/0x460
[  176.517394][ T7181]  ? __pfx_resume_store+0x10/0x10
[  176.517411][ T7181]  ? lockdep_hardirqs_on+0x7c/0x110
[  176.517442][ T7181]  ? kobj_attr_store+0x1d/0x80
[  176.517465][ T7181]  ? __pfx_resume_store+0x10/0x10
[  176.517483][ T7181]  kobj_attr_store+0x55/0x80
[  176.517505][ T7181]  ? __pfx_kobj_attr_store+0x10/0x10
[  176.517527][ T7181]  sysfs_kf_write+0xef/0x150
[  176.517555][ T7181]  kernfs_fop_write_iter+0x351/0x510
[  176.517576][ T7181]  ? __pfx_sysfs_kf_write+0x10/0x10
[  176.517604][ T7181]  vfs_write+0x5ba/0x1180
[  176.517621][ T7181]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  176.517646][ T7181]  ? __pfx___mutex_lock+0x10/0x10
[  176.517668][ T7181]  ? __pfx_vfs_write+0x10/0x10
[  176.517701][ T7181]  ksys_write+0x12a/0x240
[  176.517716][ T7181]  ? __pfx_ksys_write+0x10/0x10
[  176.517739][ T7181]  do_syscall_64+0xcd/0x260
[  176.517764][ T7181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.517780][ T7181] RIP: 0033:0x7f4c7d38d169
[  176.517795][ T7181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.517811][ T7181] RSP: 002b:00007f4c7e264038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  176.517828][ T7181] RAX: ffffffffffffffda RBX: 00007f4c7d5a6160 RCX: 00007f4c7d38d169
[  176.517839][ T7181] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000009
[  176.517849][ T7181] RBP: 00007f4c7e264090 R08: 0000000000000000 R09: 0000000000000000
[  176.517859][ T7181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.517869][ T7181] R13: 0000000000000000 R14: 00007f4c7d5a6160 R15: 00007ffdb8dcb0e8
[  176.517893][ T7181]  </TASK>
[  176.747846][    C1] vkms_vblank_simulate: vblank timer overrun
[  177.118558][ T7191] FAULT_INJECTION: forcing a failure.
[  177.118558][ T7191] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.179606][ T7191] CPU: 1 UID: 0 PID: 7191 Comm: syz.2.305 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  177.179623][ T7191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.179630][ T7191] Call Trace:
[  177.179634][ T7191]  <TASK>
[  177.179638][ T7191]  dump_stack_lvl+0x16c/0x1f0
[  177.179657][ T7191]  should_fail_ex+0x512/0x640
[  177.179671][ T7191]  strncpy_from_user+0x3b/0x2e0
[  177.179682][ T7191]  getname_flags.part.0+0x8b/0x540
[  177.179699][ T7191]  getname_flags+0x93/0xf0
[  177.179715][ T7191]  user_path_at+0x24/0x60
[  177.179725][ T7191]  __x64_sys_mount+0x1fc/0x310
[  177.179738][ T7191]  ? __pfx___x64_sys_mount+0x10/0x10
[  177.179749][ T7191]  ? rcu_is_watching+0x12/0xc0
[  177.179766][ T7191]  do_syscall_64+0xcd/0x260
[  177.179782][ T7191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.179793][ T7191] RIP: 0033:0x7fdd1cf8d169
[  177.179802][ T7191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.179812][ T7191] RSP: 002b:00007fdd1dec6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  177.179822][ T7191] RAX: ffffffffffffffda RBX: 00007fdd1d1a5fa0 RCX: 00007fdd1cf8d169
[  177.179829][ T7191] RDX: 00002000000005c0 RSI: 0000200000000580 RDI: 0000200000000300
[  177.179835][ T7191] RBP: 00007fdd1dec6090 R08: 0000000000000000 R09: 0000000000000000
[  177.179841][ T7191] R10: 0000000000000058 R11: 0000000000000246 R12: 0000000000000001
[  177.179847][ T7191] R13: 0000000000000000 R14: 00007fdd1d1a5fa0 R15: 00007fff48fb9f98
[  177.179860][ T7191]  </TASK>
[  177.456557][ T7193] FAULT_INJECTION: forcing a failure.
[  177.456557][ T7193] name failslab, interval 1, probability 0, space 0, times 0
[  177.469309][ T7193] CPU: 1 UID: 0 PID: 7193 Comm: syz.1.307 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  177.469331][ T7193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.469341][ T7193] Call Trace:
[  177.469346][ T7193]  <TASK>
[  177.469353][ T7193]  dump_stack_lvl+0x16c/0x1f0
[  177.469380][ T7193]  should_fail_ex+0x512/0x640
[  177.469397][ T7193]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  177.469418][ T7193]  should_failslab+0xc2/0x120
[  177.469437][ T7193]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  177.469454][ T7193]  ? d_instantiate+0x77/0x90
[  177.469471][ T7193]  ? alloc_empty_file+0x55/0x1e0
[  177.469495][ T7193]  alloc_empty_file+0x55/0x1e0
[  177.469516][ T7193]  alloc_file_pseudo+0x13a/0x230
[  177.469537][ T7193]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  177.469558][ T7193]  ? do_raw_spin_unlock+0x172/0x230
[  177.469580][ T7193]  __anon_inode_getfile+0xf7/0x370
[  177.469602][ T7193]  anon_inode_getfd+0x52/0xb0
[  177.469621][ T7193]  __x64_sys_fsopen+0x18b/0x240
[  177.469641][ T7193]  do_syscall_64+0xcd/0x260
[  177.469665][ T7193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.469683][ T7193] RIP: 0033:0x7f557ad8d169
[  177.469697][ T7193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.469711][ T7193] RSP: 002b:00007f557bbf9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  177.469727][ T7193] RAX: ffffffffffffffda RBX: 00007f557afa5fa0 RCX: 00007f557ad8d169
[  177.469738][ T7193] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000001f80
[  177.469748][ T7193] RBP: 00007f557bbf9090 R08: 0000000000000000 R09: 0000000000000000
[  177.469757][ T7193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.469766][ T7193] R13: 0000000000000001 R14: 00007f557afa5fa0 R15: 00007ffc2a2f7c68
[  177.469788][ T7193]  </TASK>
[  177.690372][ T7197] tmpfs: Unknown parameter 'huge½always'
[  178.987108][ T7209] FAULT_INJECTION: forcing a failure.
[  178.987108][ T7209] name failslab, interval 1, probability 0, space 0, times 0
[  179.047921][ T7209] CPU: 1 UID: 0 PID: 7209 Comm: syz.0.311 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  179.047946][ T7209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  179.047957][ T7209] Call Trace:
[  179.047963][ T7209]  <TASK>
[  179.047969][ T7209]  dump_stack_lvl+0x16c/0x1f0
[  179.047992][ T7209]  should_fail_ex+0x512/0x640
[  179.048007][ T7209]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  179.048029][ T7209]  should_failslab+0xc2/0x120
[  179.048045][ T7209]  __kmalloc_cache_noprof+0x6a/0x3e0
[  179.048065][ T7209]  ? rtnl_newlink+0x11b/0x2000
[  179.048084][ T7209]  ? __pfx_rtnl_newlink+0x10/0x10
[  179.048099][ T7209]  rtnl_newlink+0x11b/0x2000
[  179.048126][ T7209]  ? __pfx_rtnl_newlink+0x10/0x10
[  179.048141][ T7209]  ? find_held_lock+0x2b/0x80
[  179.048163][ T7209]  ? avc_has_perm_noaudit+0x117/0x3b0
[  179.048180][ T7209]  ? avc_has_perm_noaudit+0x149/0x3b0
[  179.048198][ T7209]  ? __lock_acquire+0x5ca/0x1ba0
[  179.048219][ T7209]  ? find_held_lock+0x2b/0x80
[  179.048234][ T7209]  ? __pfx_rtnl_newlink+0x10/0x10
[  179.048250][ T7209]  ? __pfx_rtnl_newlink+0x10/0x10
[  179.048264][ T7209]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  179.048282][ T7209]  ? __pfx_rtnl_newlink+0x10/0x10
[  179.048299][ T7209]  rtnetlink_rcv_msg+0x95b/0xe90
[  179.048317][ T7209]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  179.048343][ T7209]  netlink_rcv_skb+0x16a/0x440
[  179.048361][ T7209]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  179.048379][ T7209]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  179.048406][ T7209]  ? netlink_deliver_tap+0x1ae/0xd30
[  179.048427][ T7209]  netlink_unicast+0x53a/0x7f0
[  179.048446][ T7209]  ? __pfx_netlink_unicast+0x10/0x10
[  179.048469][ T7209]  netlink_sendmsg+0x8d1/0xdd0
[  179.048489][ T7209]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.048514][ T7209]  ____sys_sendmsg+0xa95/0xc70
[  179.048535][ T7209]  ? copy_msghdr_from_user+0x10a/0x160
[  179.048550][ T7209]  ? __pfx_____sys_sendmsg+0x10/0x10
[  179.048578][ T7209]  ___sys_sendmsg+0x134/0x1d0
[  179.048595][ T7209]  ? __pfx____sys_sendmsg+0x10/0x10
[  179.048633][ T7209]  __sys_sendmsg+0x16d/0x220
[  179.048649][ T7209]  ? __pfx___sys_sendmsg+0x10/0x10
[  179.048670][ T7209]  ? rcu_is_watching+0x12/0xc0
[  179.048691][ T7209]  do_syscall_64+0xcd/0x260
[  179.048710][ T7209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.048723][ T7209] RIP: 0033:0x7f4c7d38d169
[  179.048734][ T7209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.048747][ T7209] RSP: 002b:00007f4c7e2a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.048760][ T7209] RAX: ffffffffffffffda RBX: 00007f4c7d5a5fa0 RCX: 00007f4c7d38d169
[  179.048769][ T7209] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  179.048777][ T7209] RBP: 00007f4c7e2a6090 R08: 0000000000000000 R09: 0000000000000000
[  179.048784][ T7209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.048792][ T7209] R13: 0000000000000000 R14: 00007f4c7d5a5fa0 R15: 00007ffdb8dcb0e8
[  179.048809][ T7209]  </TASK>
[  179.425552][ T7199] tmpfs: Unknown parameter 'huge½always'
[  180.758959][   T30] audit: type=1400 audit(1744135509.604:374): avc:  granted  { setsecparam } for  pid=7225 comm="syz.1.316" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  181.663956][ T7254] syz.0.323: attempt to access beyond end of device
[  181.663956][ T7254] loop0: rw=4096, sector=0, nr_sectors = 1 limit=0
[  181.665736][ T7261] netlink: 'syz.0.323': attribute type 11 has an invalid length.
[  181.681767][ T7254] XFS (loop0): SB validate failed with error -5.
[  181.686758][ T7261] netlink: 32 bytes leftover after parsing attributes in process `syz.0.323'.
[  183.782813][   T30] audit: type=1400 audit(1744135512.244:375): avc:  denied  { ioctl } for  pid=7284 comm="syz.3.331" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  183.832850][  T910] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  184.172307][  T910] usb 2-1: config 1 has an invalid descriptor of length 226, skipping remainder of the config
[  184.203028][  T910] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 2
[  184.222041][  T910] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  184.236107][  T910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.249419][  T910] usb 2-1: Product: syz
[  184.257044][  T910] usb 2-1: Manufacturer: syz
[  184.263424][  T910] usb 2-1: SerialNumber: syz
[  185.804470][ T5824] Bluetooth: hci1: command 0x0406 tx timeout
[  185.810502][   T56] Bluetooth: hci2: command 0x0406 tx timeout
[  185.816609][ T5832] Bluetooth: hci3: command 0x0406 tx timeout
[  185.881596][   T30] audit: type=1400 audit(1744135514.724:376): avc:  denied  { write } for  pid=7320 comm="syz.0.339" name="usbmon2" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  185.904814][    C1] vkms_vblank_simulate: vblank timer overrun
[  186.218769][ T7332] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=7332 comm=syz.2.343
[  186.224833][ T5874] usb 2-1: USB disconnect, device number 11
[  186.273061][ T5873] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  186.573043][  T910] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  186.889221][ T5873] usb 4-1: Using ep0 maxpacket: 8
[  186.897006][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.907965][ T5873] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  186.932571][ T5873] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  186.941728][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.956759][  T910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.958738][ T5873] usb 4-1: config 0 descriptor??
[  186.980321][  T910] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  187.010743][  T910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.229892][ T5873] prodikeys 0003:041E:2801.000B: unknown main item tag 0x0
[  187.674145][  T910] usb 3-1: config 0 descriptor??
[  188.156161][ T5873] prodikeys 0003:041E:2801.000B: unknown main item tag 0x0
[  188.196379][ T5873] prodikeys 0003:041E:2801.000B: item fetching failed at offset 2/7
[  188.228234][ T5873] prodikeys 0003:041E:2801.000B: hid parse failed
[  188.245732][  T910] keytouch 0003:0926:3333.000C: fixing up Keytouch IEC report descriptor
[  188.262943][  T910] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.000C/input/input11
[  188.265291][ T5873] prodikeys 0003:041E:2801.000B: probe with driver prodikeys failed with error -22
[  188.318855][ T7359] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  188.365933][ T5873] usb 4-1: USB disconnect, device number 7
[  188.407537][  T910] keytouch 0003:0926:3333.000C: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  188.534881][ T7359] ptrace attach of ""[7361] was attempted by "./syz-executor exec"[7359]
[  190.038272][  T910] usb 3-1: USB disconnect, device number 9
[  190.624705][ T7371] FAULT_INJECTION: forcing a failure.
[  190.624705][ T7371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.637838][ T7371] CPU: 1 UID: 0 PID: 7371 Comm: syz.3.353 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  190.637861][ T7371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  190.637871][ T7371] Call Trace:
[  190.637876][ T7371]  <TASK>
[  190.637882][ T7371]  dump_stack_lvl+0x16c/0x1f0
[  190.637908][ T7371]  should_fail_ex+0x512/0x640
[  190.637930][ T7371]  _copy_from_user+0x2e/0xd0
[  190.637951][ T7371]  generic_map_update_batch+0x3e9/0x610
[  190.637981][ T7371]  ? __pfx_generic_map_update_batch+0x10/0x10
[  190.638006][ T7371]  ? __pfx_generic_map_update_batch+0x10/0x10
[  190.638028][ T7371]  bpf_map_do_batch+0x5a8/0x670
[  190.638049][ T7371]  __sys_bpf+0x15f3/0x4d80
[  190.638070][ T7371]  ? rcu_is_watching+0x12/0xc0
[  190.638092][ T7371]  ? __pfx___sys_bpf+0x10/0x10
[  190.638111][ T7371]  ? __schedule+0x1186/0x5de0
[  190.638130][ T7371]  ? ksys_write+0x190/0x240
[  190.638166][ T7371]  ? fput+0x70/0xf0
[  190.638183][ T7371]  ? ksys_write+0x1b9/0x240
[  190.638204][ T7371]  __x64_sys_bpf+0x78/0xc0
[  190.638225][ T7371]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.638246][ T7371]  do_syscall_64+0xcd/0x260
[  190.638269][ T7371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.638285][ T7371] RIP: 0033:0x7f493058d169
[  190.638299][ T7371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.638316][ T7371] RSP: 002b:00007f4931451038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  190.638332][ T7371] RAX: ffffffffffffffda RBX: 00007f49307a6160 RCX: 00007f493058d169
[  190.638343][ T7371] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  190.638354][ T7371] RBP: 00007f4931451090 R08: 0000000000000000 R09: 0000000000000000
[  190.638364][ T7371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.638373][ T7371] R13: 0000000000000000 R14: 00007f49307a6160 R15: 00007ffc14372c98
[  190.638395][ T7371]  </TASK>
[  191.521740][ T7388] FAULT_INJECTION: forcing a failure.
[  191.521740][ T7388] name failslab, interval 1, probability 0, space 0, times 0
[  192.016165][ T7388] CPU: 0 UID: 0 PID: 7388 Comm: syz.1.359 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  192.016192][ T7388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  192.016203][ T7388] Call Trace:
[  192.016209][ T7388]  <TASK>
[  192.016215][ T7388]  dump_stack_lvl+0x16c/0x1f0
[  192.016243][ T7388]  should_fail_ex+0x512/0x640
[  192.016260][ T7388]  ? __kmalloc_noprof+0xbf/0x510
[  192.016280][ T7388]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  192.016307][ T7388]  should_failslab+0xc2/0x120
[  192.016326][ T7388]  __kmalloc_noprof+0xd2/0x510
[  192.016345][ T7388]  ? avc_has_perm_noaudit+0x149/0x3b0
[  192.016365][ T7388]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  192.016396][ T7388]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  192.016424][ T7388]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  192.016458][ T7388]  ? bpf_lsm_capable+0x9/0x10
[  192.016475][ T7388]  ? security_capable+0x7e/0x260
[  192.016495][ T7388]  ? ns_capable+0xd7/0x110
[  192.016519][ T7388]  genl_rcv_msg+0x55c/0x800
[  192.016547][ T7388]  ? __pfx_genl_rcv_msg+0x10/0x10
[  192.016571][ T7388]  ? __pfx___dev_queue_xmit+0x10/0x10
[  192.016588][ T7388]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  192.016635][ T7388]  ? __pfx_nl80211_start_ap+0x10/0x10
[  192.016655][ T7388]  ? __pfx_nl80211_post_doit+0x10/0x10
[  192.016679][ T7388]  ? __lock_acquire+0xaa4/0x1ba0
[  192.016701][ T7388]  netlink_rcv_skb+0x16a/0x440
[  192.016725][ T7388]  ? __pfx_genl_rcv_msg+0x10/0x10
[  192.016751][ T7388]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  192.016784][ T7388]  ? rcu_preempt_deferred_qs_irqrestore+0x4f5/0xbc0
[  192.016813][ T7388]  ? __pfx_down_read+0x10/0x10
[  192.016844][ T7388]  genl_rcv+0x28/0x40
[  192.016865][ T7388]  netlink_unicast+0x53a/0x7f0
[  192.016891][ T7388]  ? __pfx_netlink_unicast+0x10/0x10
[  192.016921][ T7388]  netlink_sendmsg+0x8d1/0xdd0
[  192.016948][ T7388]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.016981][ T7388]  ____sys_sendmsg+0xa95/0xc70
[  192.017007][ T7388]  ? copy_msghdr_from_user+0x10a/0x160
[  192.017027][ T7388]  ? __pfx_____sys_sendmsg+0x10/0x10
[  192.017057][ T7388]  ? lockdep_hardirqs_on+0x7c/0x110
[  192.017083][ T7388]  ___sys_sendmsg+0x134/0x1d0
[  192.017105][ T7388]  ? __pfx____sys_sendmsg+0x10/0x10
[  192.017157][ T7388]  __sys_sendmsg+0x16d/0x220
[  192.017179][ T7388]  ? __pfx___sys_sendmsg+0x10/0x10
[  192.017216][ T7388]  do_syscall_64+0xcd/0x260
[  192.017241][ T7388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.017257][ T7388] RIP: 0033:0x7f557ad8d169
[  192.017271][ T7388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.017287][ T7388] RSP: 002b:00007f557bbd8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.017305][ T7388] RAX: ffffffffffffffda RBX: 00007f557afa6080 RCX: 00007f557ad8d169
[  192.017317][ T7388] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  192.017328][ T7388] RBP: 00007f557bbd8090 R08: 0000000000000000 R09: 0000000000000000
[  192.017338][ T7388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.017349][ T7388] R13: 0000000000000001 R14: 00007f557afa6080 R15: 00007ffc2a2f7c68
[  192.017373][ T7388]  </TASK>
[  193.349557][ T7408] netlink: 8 bytes leftover after parsing attributes in process `syz.2.362'.
[  193.728799][   T30] audit: type=1400 audit(1744135522.434:377): avc:  denied  { read } for  pid=7409 comm="syz.3.363" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  193.762832][   T30] audit: type=1400 audit(1744135522.434:378): avc:  denied  { open } for  pid=7409 comm="syz.3.363" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  194.395031][ T7414] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  194.554332][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  194.681273][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  194.720057][ T5873] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  194.764530][   T30] audit: type=1400 audit(1744135523.604:379): avc:  denied  { create } for  pid=7419 comm="syz.4.366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  194.850443][   T30] audit: type=1400 audit(1744135523.614:380): avc:  denied  { setopt } for  pid=7420 comm="syz.3.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  194.894447][ T5873] usb 3-1: Using ep0 maxpacket: 8
[  194.927211][ T5873] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  194.939692][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  194.970588][ T5873] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  195.021939][ T5873] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  195.052436][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.093826][ T5873] usb 3-1: config 0 descriptor??
[  195.271085][ T7433] serio: Serial port pts0
[  195.621657][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.630701][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.639583][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.648534][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.657474][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.666435][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.675375][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.684341][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.693252][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  195.991908][  T910] kernel write not supported for file /vcs (pid: 910 comm: kworker/1:2)
[  196.076701][ T7443] tmpfs: Unknown parameter 'huge½always'
[  196.692737][ T5873] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  196.892929][ T5873] usb 2-1: Using ep0 maxpacket: 8
[  197.192878][   T30] audit: type=1400 audit(1744135525.754:381): avc:  denied  { create } for  pid=7458 comm="syz.3.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  197.516137][ T7464] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  197.967161][  T972] usb 3-1: USB disconnect, device number 10
[  197.981092][ T5873] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  197.998743][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.010744][ T5873] usb 2-1: Product: syz
[  198.017223][ T5873] usb 2-1: Manufacturer: syz
[  198.021886][ T5873] usb 2-1: SerialNumber: syz
[  198.030575][ T5873] usb 2-1: config 0 descriptor??
[  198.124312][ T5873] gspca_main: sq930x-2.14.0 probing 2770:930c
[  198.153304][ T7467] tmpfs: Bad value for 'mpol'
[  198.186842][ T7472] tmpfs: Bad value for 'mpol'
[  198.225075][   T30] audit: type=1400 audit(1744135527.074:382): avc:  denied  { ioctl } for  pid=7471 comm="syz.0.381" path="socket:[13981]" dev="sockfs" ino=13981 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  198.307268][   T30] audit: type=1400 audit(1744135527.074:383): avc:  denied  { write } for  pid=7471 comm="syz.0.381" name="btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  198.331687][ T5873] gspca_sq930x: reg_r 001f failed -71
[  198.340306][ T5873] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[  198.360530][ T5873] usb 2-1: USB disconnect, device number 12
[  198.417465][   T30] audit: type=1400 audit(1744135527.074:384): avc:  denied  { open } for  pid=7471 comm="syz.0.381" path="/dev/btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  198.447744][   T30] audit: type=1400 audit(1744135527.074:385): avc:  denied  { ioctl } for  pid=7471 comm="syz.0.381" path="/dev/btrfs-control" dev="devtmpfs" ino=1311 ioctlcmd=0x4584 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  198.485310][  T972] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  198.815613][   T30] audit: type=1400 audit(1744135527.484:386): avc:  denied  { bind } for  pid=7481 comm="syz.4.385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  198.933350][  T972] usb 3-1: Using ep0 maxpacket: 8
[  198.942528][  T972] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  198.957419][  T972] usb 3-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b
[  198.968747][  T972] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.981941][  T972] usb 3-1: Product: syz
[  198.995082][  T972] usb 3-1: Manufacturer: syz
[  199.000322][  T972] usb 3-1: SerialNumber: syz
[  199.031086][ T7487] xt_hashlimit: overflow, try lower: 1125899906842624/8
[  199.245479][  T972] usb 3-1: config 0 descriptor??
[  199.340219][  T910] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  199.349244][  T972] gspca_main: stk014-2.14.0 probing 05e1:0893
[  199.378023][  T972] usb 3-1: selecting invalid altsetting 1
[  199.557268][  T972] gspca_stk014: init reg: 0x00
[  199.562129][  T972] stk014 3-1:0.0: probe with driver stk014 failed with error -5
[  199.612728][  T910] usb 5-1: Using ep0 maxpacket: 8
[  199.619500][  T910] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  199.629969][  T910] usb 5-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6
[  200.214581][  T910] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.240854][  T910] usb 5-1: config 0 descriptor??
[  200.247244][ T5872] usb 3-1: USB disconnect, device number 11
[  200.863608][  T910] usb 5-1: USB disconnect, device number 9
[  201.285186][ T7512] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  201.311070][ T5872] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  201.848708][ T7514] FAULT_INJECTION: forcing a failure.
[  201.848708][ T7514] name failslab, interval 1, probability 0, space 0, times 0
[  201.861611][ T7514] CPU: 1 UID: 0 PID: 7514 Comm: syz.3.393 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  201.861634][ T7514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  201.861644][ T7514] Call Trace:
[  201.861650][ T7514]  <TASK>
[  201.861657][ T7514]  dump_stack_lvl+0x16c/0x1f0
[  201.861685][ T7514]  should_fail_ex+0x512/0x640
[  201.861708][ T7514]  should_failslab+0xc2/0x120
[  201.861727][ T7514]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  201.861749][ T7514]  ? sidtab_sid2str_get+0x17a/0x680
[  201.861780][ T7514]  kmemdup_noprof+0x29/0x60
[  201.861800][ T7514]  sidtab_sid2str_get+0x17a/0x680
[  201.861828][ T7514]  sidtab_entry_to_string+0x33/0x110
[  201.861855][ T7514]  security_sid_to_context_core+0x35c/0x640
[  201.861882][ T7514]  avc_audit_post_callback+0x109/0x8f0
[  201.861911][ T7514]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  201.861936][ T7514]  ? skb_put+0x138/0x1b0
[  201.861963][ T7514]  ? audit_log_n_string+0x253/0x540
[  201.861997][ T7514]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  201.862022][ T7514]  common_lsm_audit+0x24b/0x300
[  201.862047][ T7514]  ? __pfx_common_lsm_audit+0x10/0x10
[  201.862071][ T7514]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  201.862091][ T7514]  ? avc_update_node.isra.0+0x4c0/0xb60
[  201.862111][ T7514]  slow_avc_audit+0x186/0x210
[  201.862128][ T7514]  ? __pfx_slow_avc_audit+0x10/0x10
[  201.862147][ T7514]  ? avc_denied+0x14a/0x190
[  201.862166][ T7514]  ? avc_has_perm_noaudit+0x306/0x3b0
[  201.862187][ T7514]  avc_has_perm+0x18b/0x1c0
[  201.862206][ T7514]  ? __pfx_avc_has_perm+0x10/0x10
[  201.862232][ T7514]  sock_has_perm+0x252/0x2f0
[  201.862251][ T7514]  ? __pfx_sock_has_perm+0x10/0x10
[  201.862278][ T7514]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  201.862302][ T7514]  ? is_bpf_text_address+0x94/0x1a0
[  201.862327][ T7514]  security_socket_recvmsg+0x238/0x260
[  201.862349][ T7514]  sock_recvmsg+0x4a/0x250
[  201.862375][ T7514]  ____sys_recvmsg+0x218/0x6b0
[  201.862404][ T7514]  ? __pfx_____sys_recvmsg+0x10/0x10
[  201.862443][ T7514]  ? __lock_acquire+0x5ca/0x1ba0
[  201.862465][ T7514]  ___sys_recvmsg+0x114/0x1a0
[  201.862487][ T7514]  ? __pfx____sys_recvmsg+0x10/0x10
[  201.862511][ T7514]  ? find_held_lock+0x2b/0x80
[  201.862548][ T7514]  do_recvmmsg+0x2fe/0x740
[  201.862573][ T7514]  ? __pfx_do_recvmmsg+0x10/0x10
[  201.862599][ T7514]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  201.862631][ T7514]  ? __fget_files+0x20e/0x3c0
[  201.862657][ T7514]  __x64_sys_recvmmsg+0x22a/0x280
[  201.862678][ T7514]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  201.862698][ T7514]  ? rcu_is_watching+0x12/0xc0
[  201.862726][ T7514]  do_syscall_64+0xcd/0x260
[  201.862752][ T7514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.862770][ T7514] RIP: 0033:0x7f493058d169
[  201.862785][ T7514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.862802][ T7514] RSP: 002b:00007f4931493038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  201.862818][ T7514] RAX: ffffffffffffffda RBX: 00007f49307a5fa0 RCX: 00007f493058d169
[  201.862829][ T7514] RDX: 00000000000005df RSI: 0000200000000b40 RDI: 0000000000000003
[  201.862840][ T7514] RBP: 00007f4931493090 R08: 0000000000000000 R09: 0000000000000000
[  201.862850][ T7514] R10: 0000000000002001 R11: 0000000000000246 R12: 0000000000000001
[  201.862860][ T7514] R13: 0000000000000000 R14: 00007f49307a5fa0 R15: 00007ffc14372c98
[  201.862883][ T7514]  </TASK>
[  202.262291][   T30] audit: type=1400 audit(1744135530.694:387): avc:  denied  { read } for  pid=7513 comm="syz.3.393" ssid=146 tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  202.386012][ T7520] FAULT_INJECTION: forcing a failure.
[  202.386012][ T7520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.399170][ T7520] CPU: 1 UID: 0 PID: 7520 Comm: syz.0.395 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  202.399193][ T7520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  202.399202][ T7520] Call Trace:
[  202.399208][ T7520]  <TASK>
[  202.399215][ T7520]  dump_stack_lvl+0x16c/0x1f0
[  202.399241][ T7520]  should_fail_ex+0x512/0x640
[  202.399263][ T7520]  _copy_to_user+0x32/0xd0
[  202.399285][ T7520]  video_usercopy+0x684/0x1720
[  202.399313][ T7520]  ? __pfx___video_do_ioctl+0x10/0x10
[  202.399337][ T7520]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x1/0x10
[  202.399365][ T7520]  ? __pfx_video_usercopy+0x10/0x10
[  202.399406][ T7520]  v4l2_ioctl+0x1ba/0x250
[  202.399428][ T7520]  ? __pfx_v4l2_ioctl+0x10/0x10
[  202.399458][ T7520]  __x64_sys_ioctl+0x190/0x200
[  202.399484][ T7520]  do_syscall_64+0xcd/0x260
[  202.399508][ T7520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.399525][ T7520] RIP: 0033:0x7f4c7d38d169
[  202.399539][ T7520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.399556][ T7520] RSP: 002b:00007f4c7e2a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.399573][ T7520] RAX: ffffffffffffffda RBX: 00007f4c7d5a5fa0 RCX: 00007f4c7d38d169
[  202.399584][ T7520] RDX: 0000200000000100 RSI: 00000000c0205649 RDI: 0000000000000003
[  202.399594][ T7520] RBP: 00007f4c7e2a6090 R08: 0000000000000000 R09: 0000000000000000
[  202.399603][ T7520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.399613][ T7520] R13: 0000000000000000 R14: 00007f4c7d5a5fa0 R15: 00007ffdb8dcb0e8
[  202.399635][ T7520]  </TASK>
[  202.682734][ T5872] usb 3-1: Using ep0 maxpacket: 16
[  202.689371][ T5872] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  202.699582][ T5872] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.710589][ T5872] usb 3-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  202.722690][ T5872] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22
[  202.736749][ T5838] Bluetooth: hci2: unexpected event for opcode 0x0c7a
[  202.746291][ T5872] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  202.755455][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  202.763525][ T5872] usb 3-1: SerialNumber: syz
[  202.785746][ T5872] cdc_acm 3-1:1.0: skipping garbage
[  202.924214][  T910] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  203.542883][  T910] usb 2-1: Using ep0 maxpacket: 8
[  203.576876][ T7534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.581771][  T910] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  203.612839][  T910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.631198][  T910] usb 2-1: Product: syz
[  203.635529][  T910] usb 2-1: Manufacturer: syz
[  203.640122][  T910] usb 2-1: SerialNumber: syz
[  203.709643][ T7534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.745729][   T30] audit: type=1400 audit(1744135532.594:388): avc:  denied  { ioctl } for  pid=7498 comm="syz.2.389" path="socket:[14094]" dev="sockfs" ino=14094 ioctlcmd=0x6607 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  203.747627][  T910] usb 2-1: config 0 descriptor??
[  204.217749][  T910] gspca_main: sq930x-2.14.0 probing 2770:930c
[  205.566697][  T910] gspca_sq930x: reg_r 001f failed -110
[  205.842442][  T910] sq930x 2-1:0.0: probe with driver sq930x failed with error -110
[  205.880569][   T24] usb 3-1: USB disconnect, device number 12
[  205.951658][  T910] usb 2-1: USB disconnect, device number 13
[  206.358065][ T7560] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  207.662122][ T5872] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  207.924323][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.935441][ T5872] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  207.951974][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.974065][ T5872] usb 4-1: config 0 descriptor??
[  208.259783][ T7579] tmpfs: Unknown parameter 'huge½always'
[  208.713570][ T5872] keytouch 0003:0926:3333.000D: fixing up Keytouch IEC report descriptor
[  208.798798][ T7585] xt_policy: neither incoming nor outgoing policy selected
[  209.068076][ T5872] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.000D/input/input12
[  209.151984][ T7590] __nla_validate_parse: 45 callbacks suppressed
[  209.151995][ T7590] netlink: 260 bytes leftover after parsing attributes in process `syz.1.414'.
[  209.179957][ T5872] keytouch 0003:0926:3333.000D: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  209.260026][ T7590] FAULT_INJECTION: forcing a failure.
[  209.260026][ T7590] name failslab, interval 1, probability 0, space 0, times 0
[  210.383749][ T7590] CPU: 1 UID: 0 PID: 7590 Comm: syz.1.414 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  210.383775][ T7590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  210.383785][ T7590] Call Trace:
[  210.383791][ T7590]  <TASK>
[  210.383798][ T7590]  dump_stack_lvl+0x16c/0x1f0
[  210.383825][ T7590]  should_fail_ex+0x512/0x640
[  210.383844][ T7590]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  210.383866][ T7590]  should_failslab+0xc2/0x120
[  210.383886][ T7590]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  210.383904][ T7590]  ? __alloc_skb+0x2b2/0x380
[  210.383924][ T7590]  ? bpf_lsm_capable+0x9/0x10
[  210.383944][ T7590]  __alloc_skb+0x2b2/0x380
[  210.383964][ T7590]  ? __pfx___alloc_skb+0x10/0x10
[  210.383984][ T7590]  ? genl_rcv_msg+0x4bb/0x800
[  210.384017][ T7590]  netlink_ack+0x15d/0xb80
[  210.384041][ T7590]  ? __lock_acquire+0xaa4/0x1ba0
[  210.384063][ T7590]  netlink_rcv_skb+0x347/0x440
[  210.384086][ T7590]  ? __pfx_genl_rcv_msg+0x10/0x10
[  210.384112][ T7590]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  210.384147][ T7590]  ? __pfx_down_read+0x10/0x10
[  210.384173][ T7590]  ? netlink_deliver_tap+0x1ae/0xd30
[  210.384199][ T7590]  genl_rcv+0x28/0x40
[  210.384221][ T7590]  netlink_unicast+0x53a/0x7f0
[  210.384247][ T7590]  ? __pfx_netlink_unicast+0x10/0x10
[  210.384277][ T7590]  netlink_sendmsg+0x8d1/0xdd0
[  210.384304][ T7590]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.384349][ T7590]  ____sys_sendmsg+0xa95/0xc70
[  210.384377][ T7590]  ? copy_msghdr_from_user+0x10a/0x160
[  210.384397][ T7590]  ? __pfx_____sys_sendmsg+0x10/0x10
[  210.384437][ T7590]  ___sys_sendmsg+0x134/0x1d0
[  210.384460][ T7590]  ? __pfx____sys_sendmsg+0x10/0x10
[  210.384518][ T7590]  __sys_sendmsg+0x16d/0x220
[  210.384540][ T7590]  ? __pfx___sys_sendmsg+0x10/0x10
[  210.384570][ T7590]  ? rcu_is_watching+0x12/0xc0
[  210.384599][ T7590]  do_syscall_64+0xcd/0x260
[  210.384625][ T7590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.384644][ T7590] RIP: 0033:0x7f557ad8d169
[  210.384658][ T7590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.384675][ T7590] RSP: 002b:00007f557bbf9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.384692][ T7590] RAX: ffffffffffffffda RBX: 00007f557afa5fa0 RCX: 00007f557ad8d169
[  210.384703][ T7590] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000005
[  210.384713][ T7590] RBP: 00007f557bbf9090 R08: 0000000000000000 R09: 0000000000000000
[  210.384723][ T7590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.384733][ T7590] R13: 0000000000000000 R14: 00007f557afa5fa0 R15: 00007ffc2a2f7c68
[  210.384757][ T7590]  </TASK>
[  210.651692][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.790486][ T5872] usb 4-1: USB disconnect, device number 8
[  212.236591][ T7606] FAULT_INJECTION: forcing a failure.
[  212.236591][ T7606] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.250296][ T7606] CPU: 0 UID: 0 PID: 7606 Comm: syz.1.418 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  212.250326][ T7606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.250336][ T7606] Call Trace:
[  212.250342][ T7606]  <TASK>
[  212.250348][ T7606]  dump_stack_lvl+0x16c/0x1f0
[  212.250374][ T7606]  should_fail_ex+0x512/0x640
[  212.250397][ T7606]  _copy_from_user+0x2e/0xd0
[  212.250417][ T7606]  copy_msghdr_from_user+0x98/0x160
[  212.250437][ T7606]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  212.250469][ T7606]  ___sys_sendmsg+0xfe/0x1d0
[  212.250490][ T7606]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.250541][ T7606]  __sys_sendmsg+0x16d/0x220
[  212.250567][ T7606]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.250594][ T7606]  ? rcu_is_watching+0x12/0xc0
[  212.250623][ T7606]  do_syscall_64+0xcd/0x260
[  212.250647][ T7606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.250663][ T7606] RIP: 0033:0x7f557ad8d169
[  212.250676][ T7606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.250692][ T7606] RSP: 002b:00007f557bbb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.250709][ T7606] RAX: ffffffffffffffda RBX: 00007f557afa6160 RCX: 00007f557ad8d169
[  212.250720][ T7606] RDX: 0000000000008000 RSI: 0000200000000080 RDI: 0000000000000007
[  212.250731][ T7606] RBP: 00007f557bbb7090 R08: 0000000000000000 R09: 0000000000000000
[  212.250740][ T7606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.250750][ T7606] R13: 0000000000000000 R14: 00007f557afa6160 R15: 00007ffc2a2f7c68
[  212.250773][ T7606]  </TASK>
[  214.264714][ T7620] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  214.996721][ T5872] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  215.190280][ T5872] usb 3-1: Using ep0 maxpacket: 8
[  215.210277][ T5872] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  215.228891][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.264655][ T5872] usb 3-1: Product: syz
[  215.272026][ T5872] usb 3-1: Manufacturer: syz
[  215.281272][ T5872] usb 3-1: SerialNumber: syz
[  215.860870][ T5872] usb 3-1: config 0 descriptor??
[  216.420736][ T5872] gspca_main: sq930x-2.14.0 probing 2770:930c
[  216.670216][ T5872] gspca_sq930x: reg_r 001f failed -71
[  216.703518][ T5872] sq930x 3-1:0.0: probe with driver sq930x failed with error -71
[  216.730648][ T5872] usb 3-1: USB disconnect, device number 13
[  217.189243][ T5873] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  219.290434][ T5873] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  219.326531][ T7653] bridge_slave_0: left allmulticast mode
[  219.332780][ T5873] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  219.341829][ T5873] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.342759][ T7653] bridge_slave_0: left promiscuous mode
[  219.357728][ T7653] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.361964][ T5873] usb 2-1: config 0 descriptor??
[  219.374411][ T7653] bridge_slave_1: left allmulticast mode
[  219.394456][ T7653] bridge_slave_1: left promiscuous mode
[  219.401765][ T7653] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.418332][ T7653] bond0: (slave bond_slave_0): Releasing backup interface
[  219.467717][ T7653] bond0: (slave bond_slave_1): Releasing backup interface
[  219.501978][ T7653] team0: Port device team_slave_0 removed
[  219.521654][ T7653] team0: Port device team_slave_1 removed
[  219.528192][ T7653] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  219.536318][ T7653] batman_adv: batadv0: Removing interface: batadv_slave_0
[  219.606351][ T7653] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  219.629276][ T5873] usbhid 2-1:0.0: can't add hid device: -71
[  219.630761][ T7653] batman_adv: batadv0: Removing interface: batadv_slave_1
[  219.648176][ T5873] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  219.904333][ T7668] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  220.384982][ T5873] usb 2-1: USB disconnect, device number 14
[  221.782887][ T5838] Bluetooth: hci4: link tx timeout
[  221.788077][ T5838] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  221.797586][ T5838] Bluetooth: hci4: link tx timeout
[  223.585662][ T7699] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  223.596062][ T7699] input input13: cannot allocate more than FF_MAX_EFFECTS effects
[  223.884866][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  223.891019][ T5826] block nbd4: Receive control failed (result -32)
[  224.433848][ T7703] block nbd4: shutting down sockets
[  224.476182][ T7721] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  227.423808][ T5877] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  227.432423][   T30] audit: type=1400 audit(1744135556.274:389): avc:  denied  { setopt } for  pid=7751 comm="syz.3.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  228.027720][ T5877] usb 3-1: Using ep0 maxpacket: 16
[  228.065651][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.092695][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.117812][ T5877] usb 3-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  228.242764][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.741121][ T5877] usb 3-1: config 0 descriptor??
[  229.714618][ T7735] fuse: Bad value for 'rootmode'
[  230.297141][ T7787] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  231.644597][ T5877] usbhid 3-1:0.0: can't add hid device: -71
[  232.644036][ T5877] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  232.653357][ T5877] usb 3-1: USB disconnect, device number 14
[  234.281284][ T7828] 9pnet_fd: Insufficient options for proto=fd
[  234.392758][   T30] audit: type=1400 audit(1744135563.154:390): avc:  denied  { ioctl } for  pid=7826 comm="syz.2.467" path="socket:[15609]" dev="sockfs" ino=15609 ioctlcmd=0xaa04 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  234.683477][ T5877] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  235.785164][ T5877] usb 3-1: device descriptor read/64, error -71
[  236.006224][ T7855] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  236.611633][ T5877] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  236.991878][ T5877] usb 3-1: device descriptor read/64, error -71
[  237.129833][ T5877] usb usb3-port1: attempt power cycle
[  239.759565][ T7895] xt_nat: multiple ranges no longer supported
[  240.003273][ T7895] netlink: 8 bytes leftover after parsing attributes in process `syz.3.480'.
[  240.074570][   T30] audit: type=1400 audit(1744135568.924:391): avc:  denied  { setopt } for  pid=7892 comm="syz.3.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  240.648672][   T30] audit: type=1400 audit(1744135569.494:392): avc:  denied  { connect } for  pid=7894 comm="syz.0.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  240.888943][   T30] audit: type=1400 audit(1744135569.524:393): avc:  denied  { setopt } for  pid=7894 comm="syz.0.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  241.435489][ T7925] kvm: user requested TSC rate below hardware speed
[  241.654582][ T7933] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  244.068320][ T5876] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  244.227336][ T5874] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  244.338231][   T30] audit: type=1400 audit(1744135573.164:394): avc:  denied  { create } for  pid=7960 comm="syz.0.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  244.367960][   T30] audit: type=1400 audit(1744135573.164:395): avc:  denied  { write } for  pid=7960 comm="syz.0.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  244.391934][ T7965] netlink: 'syz.0.492': attribute type 21 has an invalid length.
[  244.552717][ T5876] usb 5-1: Using ep0 maxpacket: 8
[  244.557810][ T5874] usb 4-1: Using ep0 maxpacket: 16
[  244.566893][ T5874] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  244.576694][ T5876] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  244.591328][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.614727][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.639467][ T5874] usb 4-1: Product: syz
[  244.645334][ T5876] usb 5-1: Product: syz
[  244.727751][ T5874] usb 4-1: Manufacturer: syz
[  244.732896][ T5876] usb 5-1: Manufacturer: syz
[  244.737910][ T5874] usb 4-1: SerialNumber: syz
[  244.742492][ T5876] usb 5-1: SerialNumber: syz
[  244.751187][ T5874] usb 4-1: config 0 descriptor??
[  244.756572][ T5876] usb 5-1: config 0 descriptor??
[  244.772994][ T5876] gspca_main: sq930x-2.14.0 probing 2770:930c
[  244.781305][ T5874] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  245.240688][ T5876] gspca_sq930x: reg_r 001f failed -71
[  245.256054][ T5876] sq930x 5-1:0.0: probe with driver sq930x failed with error -71
[  245.268969][ T5876] usb 5-1: USB disconnect, device number 10
[  245.349548][ T7981] FAULT_INJECTION: forcing a failure.
[  245.349548][ T7981] name failslab, interval 1, probability 0, space 0, times 0
[  245.430092][ T7981] CPU: 1 UID: 0 PID: 7981 Comm: syz.2.496 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  245.430120][ T7981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  245.430130][ T7981] Call Trace:
[  245.430136][ T7981]  <TASK>
[  245.430142][ T7981]  dump_stack_lvl+0x16c/0x1f0
[  245.430169][ T7981]  should_fail_ex+0x512/0x640
[  245.430188][ T7981]  ? __kmalloc_noprof+0xbf/0x510
[  245.430207][ T7981]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  245.430234][ T7981]  should_failslab+0xc2/0x120
[  245.430254][ T7981]  __kmalloc_noprof+0xd2/0x510
[  245.430271][ T7981]  ? avc_has_perm_noaudit+0x149/0x3b0
[  245.430289][ T7981]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  245.430320][ T7981]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  245.430346][ T7981]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  245.430380][ T7981]  ? bpf_lsm_capable+0x9/0x10
[  245.430395][ T7981]  ? security_capable+0x7e/0x260
[  245.430416][ T7981]  ? ns_capable+0xd7/0x110
[  245.430439][ T7981]  genl_rcv_msg+0x55c/0x800
[  245.430467][ T7981]  ? __pfx_genl_rcv_msg+0x10/0x10
[  245.430491][ T7981]  ? __pfx___dev_queue_xmit+0x10/0x10
[  245.430508][ T7981]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  245.430530][ T7981]  ? __pfx_nl80211_add_link+0x10/0x10
[  245.430552][ T7981]  ? __pfx_nl80211_post_doit+0x10/0x10
[  245.430575][ T7981]  ? __lock_acquire+0xaa4/0x1ba0
[  245.430597][ T7981]  netlink_rcv_skb+0x16a/0x440
[  245.430619][ T7981]  ? __pfx_genl_rcv_msg+0x10/0x10
[  245.430645][ T7981]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  245.430680][ T7981]  ? __pfx_down_read+0x10/0x10
[  245.430704][ T7981]  ? netlink_deliver_tap+0x1ae/0xd30
[  245.430729][ T7981]  genl_rcv+0x28/0x40
[  245.430751][ T7981]  netlink_unicast+0x53a/0x7f0
[  245.430777][ T7981]  ? __pfx_netlink_unicast+0x10/0x10
[  245.430806][ T7981]  netlink_sendmsg+0x8d1/0xdd0
[  245.430832][ T7981]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.430864][ T7981]  ____sys_sendmsg+0xa95/0xc70
[  245.430890][ T7981]  ? copy_msghdr_from_user+0x10a/0x160
[  245.430911][ T7981]  ? __pfx_____sys_sendmsg+0x10/0x10
[  245.430948][ T7981]  ___sys_sendmsg+0x134/0x1d0
[  245.430975][ T7981]  ? __pfx____sys_sendmsg+0x10/0x10
[  245.431027][ T7981]  __sys_sendmsg+0x16d/0x220
[  245.431048][ T7981]  ? __pfx___sys_sendmsg+0x10/0x10
[  245.431075][ T7981]  ? rcu_is_watching+0x12/0xc0
[  245.431103][ T7981]  do_syscall_64+0xcd/0x260
[  245.431128][ T7981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.431145][ T7981] RIP: 0033:0x7fdd1cf8d169
[  245.431159][ T7981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.431174][ T7981] RSP: 002b:00007fdd1dec6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.431192][ T7981] RAX: ffffffffffffffda RBX: 00007fdd1d1a5fa0 RCX: 00007fdd1cf8d169
[  245.431203][ T7981] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000004
[  245.431213][ T7981] RBP: 00007fdd1dec6090 R08: 0000000000000000 R09: 0000000000000000
[  245.431222][ T7981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.431231][ T7981] R13: 0000000000000000 R14: 00007fdd1d1a5fa0 R15: 00007fff48fb9f98
[  245.431255][ T7981]  </TASK>
[  245.742946][ T5874] ssu100 4-1:0.0: probe with driver ssu100 failed with error -71
[  245.796288][ T5874] usb 4-1: USB disconnect, device number 9
[  247.593339][ T7994] tmpfs: Unknown parameter 'huge½always'
[  248.070972][ T8015] lo speed is unknown, defaulting to 1000
[  248.077735][   T30] audit: type=1400 audit(1744135576.914:396): avc:  denied  { mount } for  pid=8008 comm="syz.3.503" name="/" dev="ramfs" ino=15885 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  248.145962][ T8015] lo speed is unknown, defaulting to 1000
[  248.184546][ T8015] lo speed is unknown, defaulting to 1000
[  248.276554][ T8015] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  248.672239][ T8015] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  248.810313][ T8036] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  248.906437][ T8015] lo speed is unknown, defaulting to 1000
[  248.958643][ T8015] lo speed is unknown, defaulting to 1000
[  249.022079][ T8015] lo speed is unknown, defaulting to 1000
[  249.067893][ T8015] lo speed is unknown, defaulting to 1000
[  249.074504][ T8015] lo speed is unknown, defaulting to 1000
[  249.194590][   T30] audit: type=1400 audit(1744135578.044:397): avc:  denied  { unmount } for  pid=5820 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  251.133556][ T8060] bridge_slave_0: left promiscuous mode
[  251.292890][ T8060] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.372800][ T5877] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  251.523692][ T8060] bridge_slave_1: left allmulticast mode
[  251.535298][ T5877] usb 4-1: Using ep0 maxpacket: 8
[  251.548063][ T8060] bridge_slave_1: left promiscuous mode
[  251.556733][ T5877] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  251.576664][ T8060] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.582698][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.622749][ T5877] usb 4-1: Product: syz
[  251.626919][ T5877] usb 4-1: Manufacturer: syz
[  251.635842][ T5877] usb 4-1: SerialNumber: syz
[  251.655739][ T5877] usb 4-1: config 0 descriptor??
[  251.673459][   T30] audit: type=1400 audit(1744135580.514:398): avc:  denied  { name_connect } for  pid=8075 comm="syz.0.517" dest=768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=sctp_socket permissive=1
[  251.682583][ T5877] gspca_main: sq930x-2.14.0 probing 2770:930c
[  251.705714][ T8060] bond0: (slave bond_slave_0): Releasing backup interface
[  251.732364][ T8077] netlink: 'syz.0.517': attribute type 4 has an invalid length.
[  251.771173][ T8060] bond0: (slave bond_slave_1): Releasing backup interface
[  251.799366][ T8060] team0: Port device team_slave_0 removed
[  251.816584][ T8060] team0: Port device team_slave_1 removed
[  251.823527][ T8060] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  251.830928][ T8060] batman_adv: batadv0: Removing interface: batadv_slave_0
[  251.843129][ T8060] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  251.851052][ T8060] batman_adv: batadv0: Removing interface: batadv_slave_1
[  251.884919][   T30] audit: type=1400 audit(1744135580.694:399): avc:  denied  { getopt } for  pid=8075 comm="syz.0.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  251.905340][ T5877] gspca_sq930x: reg_r 001f failed -71
[  251.915180][ T5877] sq930x 4-1:0.0: probe with driver sq930x failed with error -71
[  251.939052][ T5877] usb 4-1: USB disconnect, device number 10
[  254.221904][   T30] audit: type=1400 audit(1744135580.714:400): avc:  denied  { accept } for  pid=8075 comm="syz.0.517" lport=55425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  254.412750][ T8093] FAULT_INJECTION: forcing a failure.
[  254.412750][ T8093] name failslab, interval 1, probability 0, space 0, times 0
[  254.425774][ T8093] CPU: 0 UID: 0 PID: 8093 Comm: syz.2.519 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  254.425796][ T8093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.425805][ T8093] Call Trace:
[  254.425811][ T8093]  <TASK>
[  254.425817][ T8093]  dump_stack_lvl+0x16c/0x1f0
[  254.425849][ T8093]  should_fail_ex+0x512/0x640
[  254.425867][ T8093]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  254.425888][ T8093]  should_failslab+0xc2/0x120
[  254.425908][ T8093]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  254.425926][ T8093]  ? __alloc_skb+0x2b2/0x380
[  254.425949][ T8093]  __alloc_skb+0x2b2/0x380
[  254.425968][ T8093]  ? __pfx___alloc_skb+0x10/0x10
[  254.425985][ T8093]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  254.426006][ T8093]  ? lockdep_hardirqs_on+0x7c/0x110
[  254.426027][ T8093]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  254.426047][ T8093]  ? rcu_preempt_deferred_qs_irqrestore+0x4f5/0xbc0
[  254.426079][ T8093]  virtio_transport_alloc_skb+0x68/0xe20
[  254.426101][ T8093]  ? __rcu_read_unlock+0x2b4/0x580
[  254.426119][ T8093]  virtio_transport_send_pkt_info+0x7d7/0x1010
[  254.426151][ T8093]  virtio_transport_connect+0xb0/0xf0
[  254.426170][ T8093]  ? __pfx_virtio_transport_connect+0x10/0x10
[  254.426195][ T8093]  ? __asan_memset+0x23/0x50
[  254.426222][ T8093]  vsock_connect+0x447/0xee0
[  254.426241][ T8093]  ? release_sock+0x21/0x220
[  254.426262][ T8093]  ? do_raw_spin_lock+0x12c/0x2b0
[  254.426282][ T8093]  ? __pfx_vsock_connect+0x10/0x10
[  254.426302][ T8093]  ? find_held_lock+0x2b/0x80
[  254.426323][ T8093]  ? selinux_netlbl_socket_connect+0x30/0x40
[  254.426347][ T8093]  ? __pfx_autoremove_wake_function+0x10/0x10
[  254.426372][ T8093]  ? lockdep_hardirqs_on+0x7c/0x110
[  254.426391][ T8093]  ? selinux_netlbl_socket_connect+0x30/0x40
[  254.426413][ T8093]  ? __local_bh_enable_ip+0xa4/0x120
[  254.426437][ T8093]  ? selinux_socket_connect+0x6b/0x80
[  254.426461][ T8093]  ? __pfx_vsock_connect+0x10/0x10
[  254.426481][ T8093]  __sys_connect_file+0x13e/0x1a0
[  254.426501][ T8093]  __sys_connect+0x14d/0x170
[  254.426518][ T8093]  ? __pfx___sys_connect+0x10/0x10
[  254.426552][ T8093]  __x64_sys_connect+0x72/0xb0
[  254.426568][ T8093]  ? lockdep_hardirqs_on+0x7c/0x110
[  254.426587][ T8093]  do_syscall_64+0xcd/0x260
[  254.426611][ T8093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.426627][ T8093] RIP: 0033:0x7fdd1cf8d169
[  254.426642][ T8093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.426658][ T8093] RSP: 002b:00007fdd1de84038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  254.426675][ T8093] RAX: ffffffffffffffda RBX: 00007fdd1d1a6160 RCX: 00007fdd1cf8d169
[  254.426685][ T8093] RDX: 0000000000000010 RSI: 0000200000000140 RDI: 0000000000000009
[  254.426695][ T8093] RBP: 00007fdd1de84090 R08: 0000000000000000 R09: 0000000000000000
[  254.426705][ T8093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.426714][ T8093] R13: 0000000000000000 R14: 00007fdd1d1a6160 R15: 00007fff48fb9f98
[  254.426738][ T8093]  </TASK>
[  254.726892][    C0] vkms_vblank_simulate: vblank timer overrun
[  255.219053][   T30] audit: type=1400 audit(1744135584.064:401): avc:  denied  { setopt } for  pid=8097 comm="syz.3.521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  255.605111][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  255.615072][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  255.771997][ T8111] netlink: 'syz.4.523': attribute type 1 has an invalid length.
[  255.807140][ T8111] netlink: 216 bytes leftover after parsing attributes in process `syz.4.523'.
[  255.876070][   T30] audit: type=1400 audit(1744135584.724:402): avc:  denied  { connect } for  pid=8110 comm="syz.4.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  257.054822][ T8130] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.063044][ T8130] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.409553][ T8168] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.417039][ T8168] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.903571][ T8178] netlink: 'syz.0.536': attribute type 2 has an invalid length.
[  259.986580][   T30] audit: type=1400 audit(1744135588.834:403): avc:  denied  { map } for  pid=8180 comm="syz.3.537" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  260.024034][ T8178] : entered promiscuous mode
[  260.363539][ T8188] FAULT_INJECTION: forcing a failure.
[  260.363539][ T8188] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  260.416567][ T8188] CPU: 0 UID: 0 PID: 8188 Comm: syz.3.538 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  260.416593][ T8188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  260.416603][ T8188] Call Trace:
[  260.416609][ T8188]  <TASK>
[  260.416616][ T8188]  dump_stack_lvl+0x16c/0x1f0
[  260.416645][ T8188]  should_fail_ex+0x512/0x640
[  260.416668][ T8188]  should_fail_alloc_page+0xe7/0x130
[  260.416689][ T8188]  prepare_alloc_pages+0x3c2/0x610
[  260.416714][ T8188]  ? rcu_is_watching+0x12/0xc0
[  260.416742][ T8188]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  260.416761][ T8188]  ? __lock_acquire+0xaa4/0x1ba0
[  260.416777][ T8188]  ? cgroup_rstat_updated+0x2a/0xb20
[  260.416801][ T8188]  ? rcu_is_watching+0x12/0xc0
[  260.416821][ T8188]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  260.416839][ T8188]  ? __mod_zone_page_state+0xcc/0x1a0
[  260.416872][ T8188]  ? __lock_acquire+0x5ca/0x1ba0
[  260.416890][ T8188]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  260.416919][ T8188]  ? policy_nodemask+0xea/0x4e0
[  260.416939][ T8188]  alloc_pages_mpol+0x1fb/0x550
[  260.416959][ T8188]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  260.416978][ T8188]  ? __lock_acquire+0x5ca/0x1ba0
[  260.416998][ T8188]  folio_alloc_mpol_noprof+0x36/0x2f0
[  260.417021][ T8188]  vma_alloc_folio_noprof+0xed/0x1e0
[  260.417043][ T8188]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  260.417073][ T8188]  do_pte_missing+0x223d/0x3fb0
[  260.417107][ T8188]  __handle_mm_fault+0x103d/0x2a40
[  260.417140][ T8188]  ? __pfx___handle_mm_fault+0x10/0x10
[  260.417181][ T8188]  ? find_vma+0xbf/0x140
[  260.417199][ T8188]  ? __pfx_find_vma+0x10/0x10
[  260.417222][ T8188]  handle_mm_fault+0x3fe/0xad0
[  260.417253][ T8188]  do_user_addr_fault+0x7a6/0x1370
[  260.417275][ T8188]  ? rcu_is_watching+0x12/0xc0
[  260.417298][ T8188]  exc_page_fault+0x5c/0xc0
[  260.417317][ T8188]  asm_exc_page_fault+0x26/0x30
[  260.417333][ T8188] RIP: 0010:rep_stos_alternative+0x40/0x80
[  260.417349][ T8188] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  260.417364][ T8188] RSP: 0018:ffffc90003fefcd0 EFLAGS: 00050246
[  260.417380][ T8188] RAX: 0000000000000000 RBX: 000000007fffa000 RCX: 0000000000000040
[  260.417391][ T8188] RDX: ffff888030d92440 RSI: ffffffff8551eeb6 RDI: 0000200000006000
[  260.417401][ T8188] RBP: 0000000000001000 R08: 2cfb7b1ab8be5804 R09: 0000000000000001
[  260.417411][ T8188] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888030d92440
[  260.417421][ T8188] R13: 00007ffffffff000 R14: ffffed10061b2488 R15: 0000200000005040
[  260.417440][ T8188]  ? read_zero+0xc6/0x250
[  260.417460][ T8188]  read_zero+0xd6/0x250
[  260.417476][ T8188]  ? __pfx_read_zero+0x10/0x10
[  260.417492][ T8188]  vfs_read+0x1de/0xc70
[  260.417522][ T8188]  ? __pfx_vfs_read+0x10/0x10
[  260.417546][ T8188]  ? find_held_lock+0x2b/0x80
[  260.417568][ T8188]  ? __fget_files+0x204/0x3c0
[  260.417588][ T8188]  ? __fget_files+0x20e/0x3c0
[  260.417616][ T8188]  ksys_read+0x12a/0x240
[  260.417631][ T8188]  ? __pfx_ksys_read+0x10/0x10
[  260.417645][ T8188]  ? rcu_is_watching+0x12/0xc0
[  260.417672][ T8188]  do_syscall_64+0xcd/0x260
[  260.417696][ T8188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.417712][ T8188] RIP: 0033:0x7f493058d169
[  260.417726][ T8188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.417749][ T8188] RSP: 002b:00007f4931493038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  260.417764][ T8188] RAX: ffffffffffffffda RBX: 00007f49307a5fa0 RCX: 00007f493058d169
[  260.417775][ T8188] RDX: 00000000ffffff96 RSI: 0000200000000040 RDI: 0000000000000003
[  260.417785][ T8188] RBP: 00007f4931493090 R08: 0000000000000000 R09: 0000000000000000
[  260.417795][ T8188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.417804][ T8188] R13: 0000000000000000 R14: 00007f49307a5fa0 R15: 00007ffc14372c98
[  260.417828][ T8188]  </TASK>
[  261.826743][   T30] audit: type=1400 audit(1744135590.564:404): avc:  denied  { write } for  pid=8194 comm="syz.0.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  264.133096][ T5838] Bluetooth: hci3: unexpected event for opcode 0x0c7a
[  264.430226][ T8220] netlink: 28 bytes leftover after parsing attributes in process `syz.0.548'.
[  264.439352][ T8220] netlink: 28 bytes leftover after parsing attributes in process `syz.0.548'.
[  264.477873][ T8220] dummy0: entered promiscuous mode
[  264.492739][   T30] audit: type=1400 audit(1744135593.334:405): avc:  denied  { shutdown } for  pid=8226 comm="syz.1.550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  264.493032][    T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  264.524065][ T8220] syz_tun: entered promiscuous mode
[  264.594101][ T8220] netlink: 4 bytes leftover after parsing attributes in process `syz.0.548'.
[  264.825410][    T9] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  265.286375][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.296489][    T9] usb 3-1: config 0 descriptor??
[  265.329637][    T9] gspca_main: cpia1-2.14.0 probing 0813:0001
[  265.424165][ T8234] netlink: 'syz.3.551': attribute type 10 has an invalid length.
[  265.442713][ T8234] netlink: 40 bytes leftover after parsing attributes in process `syz.3.551'.
[  265.451649][ T8234] dummy0: entered promiscuous mode
[  265.472861][ T8234] bridge0: port 1(dummy0) entered blocking state
[  265.489542][ T8234] bridge0: port 1(dummy0) entered disabled state
[  265.574008][ T8234] dummy0: entered allmulticast mode
[  265.601371][ T8234] bridge0: port 1(dummy0) entered blocking state
[  265.607859][ T8234] bridge0: port 1(dummy0) entered forwarding state
[  265.735674][    T9] cpia1 3-1:0.0: unexpected state after lo power cmd: 00
[  267.065304][ T8250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.554'.
[  267.148185][    T9] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0)
[  267.342814][ T5876] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  267.523079][ T5876] usb 2-1: Using ep0 maxpacket: 8
[  267.544925][ T5876] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  267.564700][    T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  267.565633][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  267.585271][ T5876] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  267.598434][ T5876] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  267.613583][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.632780][ T5876] usb 2-1: config 0 descriptor??
[  267.744418][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.774280][    T9] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  267.804462][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.824780][    T9] usb 4-1: config 0 descriptor??
[  268.084028][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'.
[  268.093054][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'.
[  268.102488][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'.
[  268.111749][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'.
[  268.120752][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'.
[  268.560884][ T5876] usb 3-1: USB disconnect, device number 18
[  268.815354][    T9] keytouch 0003:0926:3333.000E: fixing up Keytouch IEC report descriptor
[  268.853044][    T9] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.000E/input/input14
[  269.511900][ T8262] xt_policy: neither incoming nor outgoing policy selected
[  269.535600][    T9] keytouch 0003:0926:3333.000E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  269.825869][    T9] usb 2-1: USB disconnect, device number 15
[  272.188676][ T5876] usb 4-1: USB disconnect, device number 11
[  273.413942][ T7189] ==================================================================
[  273.422020][ T7189] BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x1d4/0x200
[  273.431196][ T7189] Read of size 8 at addr ffff88805b9ef550 by task syz.4.304/7189
[  273.438882][ T7189] 
[  273.441193][ T7189] CPU: 1 UID: 0 PID: 7189 Comm: syz.4.304 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  273.441207][ T7189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  273.441214][ T7189] Call Trace:
[  273.441219][ T7189]  <TASK>
[  273.441224][ T7189]  dump_stack_lvl+0x116/0x1f0
[  273.441242][ T7189]  print_report+0xc3/0x670
[  273.441255][ T7189]  ? __virt_addr_valid+0x5e/0x590
[  273.441271][ T7189]  ? __phys_addr+0xc6/0x150
[  273.441286][ T7189]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  273.441301][ T7189]  kasan_report+0xe0/0x110
[  273.441312][ T7189]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  273.441328][ T7189]  __list_del_entry_valid_or_report+0x1d4/0x200
[  273.441342][ T7189]  bt_accept_unlink+0x34/0x2e0
[  273.441360][ T7189]  l2cap_sock_teardown_cb+0x1a3/0x3c0
[  273.441374][ T7189]  l2cap_chan_del+0xba/0x8f0
[  273.441389][ T7189]  l2cap_conn_del+0x37a/0x730
[  273.441403][ T7189]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  273.441420][ T7189]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[  273.441435][ T7189]  l2cap_disconn_cfm+0x96/0xd0
[  273.441450][ T7189]  hci_conn_hash_flush+0x10b/0x260
[  273.441464][ T7189]  hci_dev_close_sync+0x602/0x11d0
[  273.441478][ T7189]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  273.441490][ T7189]  ? up_write+0x1b2/0x520
[  273.441502][ T7189]  hci_dev_do_close+0x2e/0x90
[  273.441518][ T7189]  hci_unregister_dev+0x213/0x620
[  273.441530][ T7189]  ? __pfx_vhci_release+0x10/0x10
[  273.441546][ T7189]  vhci_release+0x79/0xf0
[  273.441561][ T7189]  __fput+0x3ff/0xb70
[  273.441575][ T7189]  task_work_run+0x14d/0x240
[  273.441587][ T7189]  ? __pfx_task_work_run+0x10/0x10
[  273.441601][ T7189]  do_exit+0xafb/0x2c30
[  273.441612][ T7189]  ? __pfx_do_exit+0x10/0x10
[  273.441620][ T7189]  ? cgroup_update_frozen_flag+0x107/0x210
[  273.441638][ T7189]  ? find_held_lock+0x2b/0x80
[  273.441651][ T7189]  do_group_exit+0xd3/0x2a0
[  273.441661][ T7189]  get_signal+0x2673/0x26d0
[  273.441676][ T7189]  ? hrtimer_nanosleep+0x187/0x380
[  273.441690][ T7189]  ? __pfx_get_signal+0x10/0x10
[  273.441703][ T7189]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  273.441716][ T7189]  arch_do_signal_or_restart+0x8f/0x7d0
[  273.441732][ T7189]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  273.441749][ T7189]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  273.441764][ T7189]  syscall_exit_to_user_mode+0x150/0x2a0
[  273.441779][ T7189]  do_syscall_64+0xda/0x260
[  273.441794][ T7189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.441805][ T7189] RIP: 0033:0x7f0094dbfa25
[  273.441814][ T7189] Code: Unable to access opcode bytes at 0x7f0094dbf9fb.
[  273.441819][ T7189] RSP: 002b:00007f0092bd4f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  273.441829][ T7189] RAX: fffffffffffffdfc RBX: 00007f0094fa6080 RCX: 00007f0094dbfa25
[  273.441836][ T7189] RDX: 00007f0092bd4fc0 RSI: 0000000000000000 RDI: 0000000000000000
[  273.441842][ T7189] RBP: 00007f0094e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  273.441848][ T7189] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  273.441854][ T7189] R13: 0000000000000000 R14: 00007f0094fa6080 R15: 00007ffeb862a878
[  273.441863][ T7189]  </TASK>
[  273.441867][ T7189] 
[  273.739647][ T7189] Allocated by task 8290:
[  273.743947][ T7189]  kasan_save_stack+0x33/0x60
[  273.748599][ T7189]  kasan_save_track+0x14/0x30
[  273.753265][ T7189]  __kasan_kmalloc+0xaa/0xb0
[  273.757826][ T7189]  __kmalloc_node_track_caller_noprof+0x221/0x510
[  273.764214][ T7189]  kmalloc_reserve+0xef/0x2c0
[  273.768866][ T7189]  __alloc_skb+0x166/0x380
[  273.773257][ T7189]  skb_copy_expand+0x1d0/0x410
[  273.777992][ T7189]  sctp_ulpevent_make_send_failed_event+0x58/0xb50
[  273.784471][ T7189]  sctp_datamsg_put+0x40a/0x5f0
[  273.789292][ T7189]  sctp_chunk_free+0x45/0x60
[  273.793853][ T7189]  __sctp_outq_teardown+0x70a/0xc40
[  273.799019][ T7189]  sctp_association_free+0x210/0x7e0
[  273.804274][ T7189]  sctp_do_sm+0x22dc/0x5c80
[  273.808758][ T7189]  sctp_primitive_SHUTDOWN+0x9f/0xd0
[  273.814014][ T7189]  sctp_shutdown+0x137/0x180
[  273.818589][ T7189]  inet_shutdown+0x1a2/0x440
[  273.823153][ T7189]  __sys_shutdown+0x113/0x1a0
[  273.827817][ T7189]  __x64_sys_shutdown+0x53/0x80
[  273.832659][ T7189]  do_syscall_64+0xcd/0x260
[  273.837155][ T7189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.843025][ T7189] 
[  273.845329][ T7189] Freed by task 8283:
[  273.849284][ T7189]  kasan_save_stack+0x33/0x60
[  273.853938][ T7189]  kasan_save_track+0x14/0x30
[  273.858585][ T7189]  kasan_save_free_info+0x3b/0x60
[  273.863586][ T7189]  __kasan_slab_free+0x51/0x70
[  273.868321][ T7189]  kfree+0x2b6/0x4d0
[  273.872188][ T7189]  skb_free_head+0x108/0x1d0
[  273.876759][ T7189]  skb_release_data+0x7a5/0x960
[  273.881595][ T7189]  sk_skb_reason_drop+0x129/0x1a0
[  273.886609][ T7189]  sctp_queue_purge_ulpevents+0xb8/0x100
[  273.892252][ T7189]  sctp_close+0x13b/0x940
[  273.896565][ T7189]  inet_release+0x13c/0x280
[  273.901045][ T7189]  inet6_release+0x4f/0x70
[  273.905432][ T7189]  __sock_release+0xb0/0x270
[  273.909994][ T7189]  sock_close+0x1c/0x30
[  273.914121][ T7189]  __fput+0x3ff/0xb70
[  273.918089][ T7189]  task_work_run+0x14d/0x240
[  273.922655][ T7189]  syscall_exit_to_user_mode+0x27b/0x2a0
[  273.928275][ T7189]  do_syscall_64+0xda/0x260
[  273.933274][ T7189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.939140][ T7189] 
[  273.941437][ T7189] The buggy address belongs to the object at ffff88805b9ef000
[  273.941437][ T7189]  which belongs to the cache kmalloc-2k of size 2048
[  273.955463][ T7189] The buggy address is located 1360 bytes inside of
[  273.955463][ T7189]  freed 2048-byte region [ffff88805b9ef000, ffff88805b9ef800)
[  273.969406][ T7189] 
[  273.971705][ T7189] The buggy address belongs to the physical page:
[  273.978093][ T7189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5b9e8
[  273.986822][ T7189] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  273.995991][ T7189] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  274.003943][ T7189] page_type: f5(slab)
[  274.007903][ T7189] raw: 00fff00000000040 ffff88801b442000 0000000000000000 dead000000000001
[  274.016470][ T7189] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  274.025042][ T7189] head: 00fff00000000040 ffff88801b442000 0000000000000000 dead000000000001
[  274.033685][ T7189] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  274.042331][ T7189] head: 00fff00000000003 ffffea00016e7a01 00000000ffffffff 00000000ffffffff
[  274.050975][ T7189] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  274.059614][ T7189] page dumped because: kasan: bad access detected
[  274.065994][ T7189] page_owner tracks the page as allocated
[  274.071694][ T7189] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5820, tgid 5820 (syz-executor), ts 62713176711, free_ts 14286817355
[  274.092869][ T7189]  post_alloc_hook+0x181/0x1b0
[  274.097631][ T7189]  get_page_from_freelist+0x1193/0x39b0
[  274.103150][ T7189]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  274.109028][ T7189]  alloc_pages_mpol+0x1fb/0x550
[  274.113852][ T7189]  new_slab+0x23c/0x330
[  274.117983][ T7189]  ___slab_alloc+0xd9c/0x1940
[  274.122636][ T7189]  __slab_alloc.constprop.0+0x56/0xb0
[  274.127998][ T7189]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[  274.134402][ T7189]  kmalloc_reserve+0xef/0x2c0
[  274.139065][ T7189]  pskb_expand_head+0x22d/0x10b0
[  274.143981][ T7189]  netlink_trim+0x22d/0x310
[  274.148476][ T7189]  netlink_broadcast_filtered+0xca/0xf10
[  274.154083][ T7189]  nlmsg_notify+0x9e/0x220
[  274.158486][ T7189]  rtnetlink_event+0x177/0x1f0
[  274.163226][ T7189]  notifier_call_chain+0xb9/0x410
[  274.168298][ T7189]  call_netdevice_notifiers_info+0xbe/0x140
[  274.174186][ T7189] page last free pid 1 tgid 1 stack trace:
[  274.179978][ T7189]  __free_frozen_pages+0x69d/0xff0
[  274.185070][ T7189]  free_contig_range+0x135/0x3f0
[  274.189982][ T7189]  destroy_args+0x66f/0x830
[  274.194472][ T7189]  debug_vm_pgtable+0x130e/0x2d50
[  274.199475][ T7189]  do_one_initcall+0x120/0x6e0
[  274.204227][ T7189]  kernel_init_freeable+0x5c2/0x900
[  274.209405][ T7189]  kernel_init+0x1c/0x2b0
[  274.213706][ T7189]  ret_from_fork+0x45/0x80
[  274.218092][ T7189]  ret_from_fork_asm+0x1a/0x30
[  274.222836][ T7189] 
[  274.225149][ T7189] Memory state around the buggy address:
[  274.230747][ T7189]  ffff88805b9ef400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  274.238778][ T7189]  ffff88805b9ef480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  274.246815][ T7189] >ffff88805b9ef500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  274.254848][ T7189]                                                  ^
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  274.261489][ T7189]  ffff88805b9ef580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  274.269521][ T7189]  ffff88805b9ef600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  274.277550][ T7189] ==================================================================
[  274.337290][ T7189] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  274.344518][ T7189] CPU: 1 UID: 0 PID: 7189 Comm: syz.4.304 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  274.354675][ T7189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  274.364722][ T7189] Call Trace:
[  274.367985][ T7189]  <TASK>
[  274.370898][ T7189]  dump_stack_lvl+0x3d/0x1f0
[  274.375477][ T7189]  panic+0x71c/0x800
[  274.379354][ T7189]  ? __pfx_panic+0x10/0x10
[  274.383746][ T7189]  ? irqentry_exit+0x3b/0x90
[  274.388319][ T7189]  ? lockdep_hardirqs_on+0x7c/0x110
[  274.393499][ T7189]  ? preempt_schedule_thunk+0x16/0x30
[  274.398850][ T7189]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  274.405251][ T7189]  ? preempt_schedule_common+0x44/0xc0
[  274.410691][ T7189]  ? check_panic_on_warn+0x1f/0xb0
[  274.415786][ T7189]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  274.422186][ T7189]  check_panic_on_warn+0xab/0xb0
[  274.427104][ T7189]  end_report+0x107/0x170
[  274.431415][ T7189]  kasan_report+0xee/0x110
[  274.435810][ T7189]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  274.442210][ T7189]  __list_del_entry_valid_or_report+0x1d4/0x200
[  274.448437][ T7189]  bt_accept_unlink+0x34/0x2e0
[  274.453197][ T7189]  l2cap_sock_teardown_cb+0x1a3/0x3c0
[  274.458554][ T7189]  l2cap_chan_del+0xba/0x8f0
[  274.463126][ T7189]  l2cap_conn_del+0x37a/0x730
[  274.467794][ T7189]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  274.473761][ T7189]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[  274.479202][ T7189]  l2cap_disconn_cfm+0x96/0xd0
[  274.483959][ T7189]  hci_conn_hash_flush+0x10b/0x260
[  274.489054][ T7189]  hci_dev_close_sync+0x602/0x11d0
[  274.494147][ T7189]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  274.499689][ T7189]  ? up_write+0x1b2/0x520
[  274.504012][ T7189]  hci_dev_do_close+0x2e/0x90
[  274.508669][ T7189]  hci_unregister_dev+0x213/0x620
[  274.513675][ T7189]  ? __pfx_vhci_release+0x10/0x10
[  274.518686][ T7189]  vhci_release+0x79/0xf0
[  274.523004][ T7189]  __fput+0x3ff/0xb70
[  274.526979][ T7189]  task_work_run+0x14d/0x240
[  274.531549][ T7189]  ? __pfx_task_work_run+0x10/0x10
[  274.536643][ T7189]  do_exit+0xafb/0x2c30
[  274.540776][ T7189]  ? __pfx_do_exit+0x10/0x10
[  274.545342][ T7189]  ? cgroup_update_frozen_flag+0x107/0x210
[  274.551135][ T7189]  ? find_held_lock+0x2b/0x80
[  274.555798][ T7189]  do_group_exit+0xd3/0x2a0
[  274.560280][ T7189]  get_signal+0x2673/0x26d0
[  274.564783][ T7189]  ? hrtimer_nanosleep+0x187/0x380
[  274.569888][ T7189]  ? __pfx_get_signal+0x10/0x10
[  274.574723][ T7189]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  274.579911][ T7189]  arch_do_signal_or_restart+0x8f/0x7d0
[  274.585451][ T7189]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  274.591594][ T7189]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  274.597738][ T7189]  syscall_exit_to_user_mode+0x150/0x2a0
[  274.603356][ T7189]  do_syscall_64+0xda/0x260
[  274.607843][ T7189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.613714][ T7189] RIP: 0033:0x7f0094dbfa25
[  274.618106][ T7189] Code: Unable to access opcode bytes at 0x7f0094dbf9fb.
[  274.625100][ T7189] RSP: 002b:00007f0092bd4f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  274.633498][ T7189] RAX: fffffffffffffdfc RBX: 00007f0094fa6080 RCX: 00007f0094dbfa25
[  274.641450][ T7189] RDX: 00007f0092bd4fc0 RSI: 0000000000000000 RDI: 0000000000000000
[  274.649403][ T7189] RBP: 00007f0094e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  274.657364][ T7189] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  274.665314][ T7189] R13: 0000000000000000 R14: 00007f0094fa6080 R15: 00007ffeb862a878
[  274.673270][ T7189]  </TASK>
[  274.676458][ T7189] Kernel Offset: disabled
[  274.680758][ T7189] Rebooting in 86400 seconds..